How do i authenticate a rest call in firebase?

Question

I want to do a rest call on some data protected by some rule using the aid of my user, so i need to had the token to my request. depending of which version of firebase documentation there is different way: old and deprecated way (https://www.firebase.com/docs/rest/api/):

'https://samplechat.firebaseio-demo.com/users/jack/name.json?auth=<TOKEN>'

new way and i m quoting the doc (https://firebase.google.com/docs/reference/rest/database/user-auth#section-get):

Using the access token The Database REST API will accept access_token= on the query string or header Authenticate: Bearer to authenticate a request with a service account.

'https://samplechat.firebaseio-demo.com/users/jack/name.json?access_token=<TOKEN>'

the new way is not working for me even if I used the new firebase console when i set it up, and even if the token that i m using is generated using the new Firebase sdk. Does someone know why only the deprecated way is working? I was interested to put the token in the header of my requests but can not do.

Answer 1

You need to put the access_token in the headers.

Header name : Authorization

Header content : Bearer the_token

To try it and put some headers you can use some tools like postman for google chrome or other tools.

Answer 2

For java: I tried to use auth to access DatabaseRealtime. Run:

curl 'https://PROJECT_ID.firebaseio.com/users.json?auth=DATABASE_SECRET'

It worked but this way deprecated.
After that I tried to use access_token I met issue when use access_token to query Database in my firebase project. I already found out root cause for bugs I met before. Because access_token is generated incorrectly. I tried to generate access_token again, tried to use the access_token as bellow:

1. add google-api-client into pom.xml

<dependency>
      <groupId>com.google.api-client</groupId>
      <artifactId>google-api-client</artifactId>
      <version>1.22.0</version>
    </dependency>

2. Get token

 public static void main(String[] args) throws Exception {
           GoogleCredential googleCred = GoogleCredential.fromStream(new 
           FileInputStream("C://realtime.json"));
           GoogleCredential scoped = googleCred.createScoped(
                         Arrays.asList(
       // or use firebase.database.readonly for read-only access
           "https://www.googleapis.com/auth/firebase.database",                           
    "https://www.googleapis.com/auth/userinfo.email"
                          )
                  );
                  scoped.refreshToken();
                  String token = scoped.getAccessToken();
                  System.out.println(token);
              }

3. try to access database Copy the value printed out above
Run curl:

curl 'https://PROJECT_ID.firebaseio.com/users.json?access_token=TOKEN'

It worked well.

For more information refer link: https://firebase.google.com/docs/reference/rest/database/user-auth#section-get