public class

FirebaseAuth

extends Object
java.lang.Object
   ↳ com.google.firebase.auth.FirebaseAuth

Class Overview

This class is the entry point for all server-side Firebase Authentication actions.

You can get an instance of FirebaseAuth via getInstance(FirebaseApp) and then use it to perform a variety of authentication-related operations, including generating custom tokens for use by client-side code, verifying Firebase ID Tokens received from clients, or creating new FirebaseApp instances that are scoped to a particular authentication UID.

Summary

Public Methods
Task<String> createCustomToken(String uid)
This method is deprecated. Use createCustomTokenAsync(String)
Task<String> createCustomToken(String uid, Map<String, Object> developerClaims)
This method is deprecated. Use createCustomTokenAsync(String, Map)
ApiFuture<String> createCustomTokenAsync(String uid, Map<String, Object> developerClaims)
Creates a Firebase Custom Token associated with the given UID and additionally containing the specified developerClaims.
ApiFuture<String> createCustomTokenAsync(String uid)
Creates a Firebase Custom Token associated with the given UID.
Task<UserRecord> createUser(UserRecord.CreateRequest request)
This method is deprecated. Use createUserAsync(CreateRequest)
ApiFuture<UserRecord> createUserAsync(UserRecord.CreateRequest request)
Creates a new user account with the attributes contained in the specified UserRecord.CreateRequest.
Task<Void> deleteUser(String uid)
This method is deprecated. Use deleteUserAsync(String)
ApiFuture<Void> deleteUserAsync(String uid)
Deletes the user identified by the specified user ID.
static FirebaseAuth getInstance()
Gets the FirebaseAuth instance for the default FirebaseApp.
synchronized static FirebaseAuth getInstance(FirebaseApp app)
Gets an instance of FirebaseAuth for a specific FirebaseApp.
Task<UserRecord> getUser(String uid)
This method is deprecated. Use getUserAsync(String)
ApiFuture<UserRecord> getUserAsync(String uid)
Gets the user data corresponding to the specified user ID.
Task<UserRecord> getUserByEmail(String email)
This method is deprecated. Use getUserByEmailAsync(String)
ApiFuture<UserRecord> getUserByEmailAsync(String email)
Gets the user data corresponding to the specified user email.
Task<UserRecord> getUserByPhoneNumber(String phoneNumber)
This method is deprecated. Use getUserByPhoneNumberAsync(String)
ApiFuture<UserRecord> getUserByPhoneNumberAsync(String phoneNumber)
Gets the user data corresponding to the specified user phone number.
ApiFuture<ListUsersPage> listUsersAsync(String pageToken, int maxResults)
Gets a page of users starting from the specified pageToken.
ApiFuture<ListUsersPage> listUsersAsync(String pageToken)
Gets a page of users starting from the specified pageToken.
ApiFuture<Void> revokeRefreshTokensAsync(String uid)
Revokes all refresh tokens for the specified user.
ApiFuture<Void> setCustomUserClaimsAsync(String uid, Map<String, Object> claims)
Sets the specified custom claims on an existing user account.
Task<UserRecord> updateUser(UserRecord.UpdateRequest request)
This method is deprecated. Use updateUserAsync(UpdateRequest)
ApiFuture<UserRecord> updateUserAsync(UserRecord.UpdateRequest request)
Updates an existing user account with the attributes contained in the specified UserRecord.UpdateRequest.
Task<FirebaseToken> verifyIdToken(String token)
This method is deprecated. Use verifyIdTokenAsync(String)
ApiFuture<FirebaseToken> verifyIdTokenAsync(String token, boolean checkRevoked)
Parses and verifies a Firebase ID Token and if requested, checks whether it was revoked.
ApiFuture<FirebaseToken> verifyIdTokenAsync(String token)
Parses and verifies a Firebase ID Token.
[Expand]
Inherited Methods
From class java.lang.Object

Public Methods

public Task<String> createCustomToken (String uid)

This method is deprecated.
Use createCustomTokenAsync(String)

Similar to createCustomTokenAsync(String), but returns a Task.

Parameters
uid The UID to store in the token. This identifies the user to other Firebase services (Firebase Database, Firebase Auth, etc.)
Returns
  • A Task which will complete successfully with the created Firebase Custom Token, or unsuccessfully with the failure Exception.

public Task<String> createCustomToken (String uid, Map<String, Object> developerClaims)

This method is deprecated.
Use createCustomTokenAsync(String, Map)

Similar to createCustomTokenAsync(String, Map), but returns a Task.

Parameters
uid The UID to store in the token. This identifies the user to other Firebase services (Realtime Database, Storage, etc.). Should be less than 128 characters.
developerClaims Additional claims to be stored in the token (and made available to security rules in Database, Storage, etc.). These must be able to be serialized to JSON (e.g. contain only Maps, Arrays, Strings, Booleans, Numbers, etc.)
Returns
  • A Task which will complete successfully with the created Firebase Custom Token, or unsuccessfully with the failure Exception.

public ApiFuture<String> createCustomTokenAsync (String uid, Map<String, Object> developerClaims)

Creates a Firebase Custom Token associated with the given UID and additionally containing the specified developerClaims. This token can then be provided back to a client application for use with the signInWithCustomToken authentication API.

Parameters
uid The UID to store in the token. This identifies the user to other Firebase services (Realtime Database, Storage, etc.). Should be less than 128 characters.
developerClaims Additional claims to be stored in the token (and made available to security rules in Database, Storage, etc.). These must be able to be serialized to JSON (e.g. contain only Maps, Arrays, Strings, Booleans, Numbers, etc.)
Returns
  • An ApiFuture which will complete successfully with the created Firebase Custom Token, or unsuccessfully with the failure Exception.

public ApiFuture<String> createCustomTokenAsync (String uid)

Creates a Firebase Custom Token associated with the given UID. This token can then be provided back to a client application for use with the signInWithCustomToken authentication API.

Parameters
uid The UID to store in the token. This identifies the user to other Firebase services (Firebase Realtime Database, Firebase Auth, etc.)
Returns
  • An ApiFuture which will complete successfully with the created Firebase Custom Token, or unsuccessfully with the failure Exception.

public Task<UserRecord> createUser (UserRecord.CreateRequest request)

This method is deprecated.
Use createUserAsync(CreateRequest)

Similar to createUserAsync(CreateRequest), but returns a Task.

Parameters
request A non-null UserRecord.CreateRequest instance.
Returns
  • A Task which will complete successfully with a UserRecord instance corresponding to the newly created account. If an error occurs while creating the user account, the task fails with a FirebaseAuthException.
Throws
NullPointerException if the provided request is null.

public ApiFuture<UserRecord> createUserAsync (UserRecord.CreateRequest request)

Creates a new user account with the attributes contained in the specified UserRecord.CreateRequest.

Parameters
request A non-null UserRecord.CreateRequest instance.
Returns
  • An ApiFuture which will complete successfully with a UserRecord instance corresponding to the newly created account. If an error occurs while creating the user account, the future throws a FirebaseAuthException.
Throws
NullPointerException if the provided request is null.

public Task<Void> deleteUser (String uid)

This method is deprecated.
Use deleteUserAsync(String)

Similar to deleteUserAsync(String), but returns a Task.

Parameters
uid A user ID string.
Returns
  • A Task which will complete successfully when the specified user account has been deleted. If an error occurs while deleting the user account, the task fails with a FirebaseAuthException.
Throws
IllegalArgumentException If the user ID string is null or empty.

public ApiFuture<Void> deleteUserAsync (String uid)

Deletes the user identified by the specified user ID.

Parameters
uid A user ID string.
Returns
  • An ApiFuture which will complete successfully when the specified user account has been deleted. If an error occurs while deleting the user account, the future throws a FirebaseAuthException.
Throws
IllegalArgumentException If the user ID string is null or empty.

public static FirebaseAuth getInstance ()

Gets the FirebaseAuth instance for the default FirebaseApp.

Returns
  • The FirebaseAuth instance for the default FirebaseApp.

public static synchronized FirebaseAuth getInstance (FirebaseApp app)

Gets an instance of FirebaseAuth for a specific FirebaseApp.

Parameters
app The FirebaseApp to get a FirebaseAuth instance for.
Returns
  • A FirebaseAuth instance.

public Task<UserRecord> getUser (String uid)

This method is deprecated.
Use getUserAsync(String)

Similar to getUserAsync(String), but returns a Task.

Parameters
uid A user ID string.
Returns
  • A Task which will complete successfully with a UserRecord instance. If an error occurs while retrieving user data or if the specified user ID does not exist, the task fails with a FirebaseAuthException.
Throws
IllegalArgumentException If the user ID string is null or empty.

public ApiFuture<UserRecord> getUserAsync (String uid)

Gets the user data corresponding to the specified user ID.

Parameters
uid A user ID string.
Returns
  • An ApiFuture which will complete successfully with a UserRecord instance. If an error occurs while retrieving user data or if the specified user ID does not exist, the future throws a FirebaseAuthException.
Throws
IllegalArgumentException If the user ID string is null or empty.

public Task<UserRecord> getUserByEmail (String email)

This method is deprecated.
Use getUserByEmailAsync(String)

Similar to getUserByEmailAsync(String), but returns a Task.

Parameters
email A user email address string.
Returns
  • A Task which will complete successfully with a UserRecord instance. If an error occurs while retrieving user data or if the email address does not correspond to a user, the task fails with a FirebaseAuthException.
Throws
IllegalArgumentException If the email is null or empty.

public ApiFuture<UserRecord> getUserByEmailAsync (String email)

Gets the user data corresponding to the specified user email.

Parameters
email A user email address string.
Returns
  • An ApiFuture which will complete successfully with a UserRecord instance. If an error occurs while retrieving user data or if the email address does not correspond to a user, the future throws a FirebaseAuthException.
Throws
IllegalArgumentException If the email is null or empty.

public Task<UserRecord> getUserByPhoneNumber (String phoneNumber)

This method is deprecated.
Use getUserByPhoneNumberAsync(String)

Similar to getUserByPhoneNumberAsync(String), but returns a Task.

Parameters
phoneNumber A user phone number string.
Returns
  • A Task which will complete successfully with a UserRecord instance. If an error occurs while retrieving user data or if the phone number does not correspond to a user, the task fails with a FirebaseAuthException.
Throws
IllegalArgumentException If the phone number is null or empty.

public ApiFuture<UserRecord> getUserByPhoneNumberAsync (String phoneNumber)

Gets the user data corresponding to the specified user phone number.

Parameters
phoneNumber A user phone number string.
Returns
  • An ApiFuture which will complete successfully with a UserRecord instance. If an error occurs while retrieving user data or if the phone number does not correspond to a user, the future throws a FirebaseAuthException.
Throws
IllegalArgumentException If the phone number is null or empty.

public ApiFuture<ListUsersPage> listUsersAsync (String pageToken, int maxResults)

Gets a page of users starting from the specified pageToken.

Parameters
pageToken A non-empty page token string, or null to retrieve the first page of users.
maxResults Maximum number of users to include in the returned page. This may not exceed 1000.
Returns
  • An ApiFuture which will complete successfully with a ListUsersPage instance. If an error occurs while retrieving user data, the future throws an exception.
Throws
IllegalArgumentException If the specified page token is empty, or max results value is invalid.

public ApiFuture<ListUsersPage> listUsersAsync (String pageToken)

Gets a page of users starting from the specified pageToken. Page size will be limited to 1000 users.

Parameters
pageToken A non-empty page token string, or null to retrieve the first page of users.
Returns
  • An ApiFuture which will complete successfully with a ListUsersPage instance. If an error occurs while retrieving user data, the future throws an exception.
Throws
IllegalArgumentException If the specified page token is empty.

public ApiFuture<Void> revokeRefreshTokensAsync (String uid)

Revokes all refresh tokens for the specified user.

Updates the user's tokensValidAfterTimestamp to the current UTC time expressed in milliseconds since the epoch and truncated to 1 second accuracy. It is important that the server on which this is called has its clock set correctly and synchronized.

While this will revoke all sessions for a specified user and disable any new ID tokens for existing sessions from getting minted, existing ID tokens may remain active until their natural expiration (one hour). To verify that ID tokens are revoked, use verifyIdTokenAsync(String, boolean).

Parameters
uid The user id for which tokens are revoked.
Returns
  • An ApiFuture which will complete successfully or if updating the user fails, unsuccessfully with the failure Exception.

public ApiFuture<Void> setCustomUserClaimsAsync (String uid, Map<String, Object> claims)

Sets the specified custom claims on an existing user account. A null claims value removes any claims currently set on the user account. The claims should serialize into a valid JSON string. The serialized claims must not be larger than 1000 characters.

Parameters
uid A user ID string.
claims A map of custom claims or null.
Returns
  • An ApiFuture which will complete successfully when the user account has been updated. If an error occurs while deleting the user account, the future throws a FirebaseAuthException.
Throws
IllegalArgumentException If the user ID string is null or empty, or the claims payload is invalid or too large.

public Task<UserRecord> updateUser (UserRecord.UpdateRequest request)

This method is deprecated.
Use updateUserAsync(UpdateRequest)

Similar to updateUserAsync(UpdateRequest), but returns a Task.

Parameters
request A non-null UserRecord.UpdateRequest instance.
Returns
  • A Task which will complete successfully with a UserRecord instance corresponding to the updated user account. If an error occurs while updating the user account, the task fails with a FirebaseAuthException.
Throws
NullPointerException if the provided update request is null.

public ApiFuture<UserRecord> updateUserAsync (UserRecord.UpdateRequest request)

Updates an existing user account with the attributes contained in the specified UserRecord.UpdateRequest.

Parameters
request A non-null UserRecord.UpdateRequest instance.
Returns
  • An ApiFuture which will complete successfully with a UserRecord instance corresponding to the updated user account. If an error occurs while updating the user account, the future throws a FirebaseAuthException.
Throws
NullPointerException if the provided update request is null.

public Task<FirebaseToken> verifyIdToken (String token)

This method is deprecated.
Use verifyIdTokenAsync(String)

Similar to verifyIdTokenAsync(String), but returns a Task.

Parameters
token A Firebase ID Token to verify and parse.
Returns
  • A Task which will complete successfully with the parsed token, or unsuccessfully with the failure Exception.

public ApiFuture<FirebaseToken> verifyIdTokenAsync (String token, boolean checkRevoked)

Parses and verifies a Firebase ID Token and if requested, checks whether it was revoked.

A Firebase application can identify itself to a trusted backend server by sending its Firebase ID Token (accessible via the getToken API in the Firebase Authentication client) with its request.

The backend server can then use the verifyIdToken() method to verify the token is valid, meaning: the token is properly signed, has not expired, and it was issued for the project associated with this FirebaseAuth instance (which by default is extracted from your service account)

If checkRevoked is true, additionally checks if the token has been revoked.

If the token is valid, and not revoked, the returned Future will complete successfully and provide a parsed version of the token from which the UID and other claims in the token can be inspected. If the token is invalid or has been revoked, the future throws an exception indicating the failure.

Parameters
token A Firebase ID Token to verify and parse.
checkRevoked A boolean denoting whether to check if the tokens were revoked.
Returns
  • An ApiFuture which will complete successfully with the parsed token, or unsuccessfully with the failure Exception.

public ApiFuture<FirebaseToken> verifyIdTokenAsync (String token)

Parses and verifies a Firebase ID Token.

A Firebase application can identify itself to a trusted backend server by sending its Firebase ID Token (accessible via the getToken API in the Firebase Authentication client) with its request.

The backend server can then use the verifyIdToken() method to verify the token is valid, meaning: the token is properly signed, has not expired, and it was issued for the project associated with this FirebaseAuth instance (which by default is extracted from your service account)

If the token is valid, the returned Future will complete successfully and provide a parsed version of the token from which the UID and other claims in the token can be inspected. If the token is invalid, the future throws an exception indicating the failure.

This does not check whether a token has been revoked. See verifyIdTokenAsync(String, boolean) below.

Parameters
token A Firebase ID Token to verify and parse.
Returns
  • An ApiFuture which will complete successfully with the parsed token, or unsuccessfully with the failure Exception.