is firebase user id unique per provider (facebook, twitter, password)

Question

If allowing multiple auth providers in firebase (twitter, facebook, password), is it best to store users in this manner:

/users/[auth.id]_[auth.provider]/...

It looks like there could be overlap in auth.id based on the provider.

Most of the examples have the security file only checking auth.id. I'm attempting to avoid the complexity of creating my own user ids.

Thoughts?

Answer 1

Yes, if you're using multiple auth providers with Simple Login, it's recommended to prefix or suffix them with the provider, as you have. auth.id is only guaranteed to be unique within the same provider.

Firebase now provides a uid parameter on the auth object, which is guaranteed to be unique across providers. For example, see "After Authenticating" on any of the simple login providers, such as email/password