[FR] - Ability to set auth domains via admin SDK

[imjared]

Is your feature request related to a problem? Please describe. We're trying to deploy preview branches onto appengine using versioning. This results in URLs like http://[VERSION_ID]-dot-[YOUR_PROJECT_ID].appspot.com. We want to be able to run E2E tests against preview branches and send links to stakeholders for previewing. Unfortunately with Firebase authentication, we have to manually set each whitelisted subdomain we want to use. This isn't the end of the world but it'd be nice to say "hey, we own this appengine (or whatever) namespace, whitelist everything under it."

Describe the solution you'd like I'd like to either:

1. In Firebase control panel, be able to wildcard a path for authentication. eg. *-dot-[YOUR_PROJECT_ID].appspot.com
2. Using Firebase-admin SDK, we'd want to programmatically set a whitelisted domain for authentication. Something along the lines of admin.auth().validateDomain(...) might work for our use case.

Describe alternatives you've considered As an alternative, we've:

• thought about trying to proxy our GAE dev instance via some CDN black magic where domains actually all become fourth level domains (unclear if this would even work)
• thought about manually adding whitelisted domains in Firebase for every PR we push 😭

Additional context Just to be crystal clear, this is for the domain whitelisting that happens at https://console.firebase.google.com/u/0/project/[PROJECT_ID]/authentication/providers

[google-oss-bot]

I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.

[bojeil-google]

Can you also file an official feature request for this.

[Benny739]

Any news on that?

[nickgrives]

@bojeil-google @hiranya911 Do you have any update on where this sits in product roadmap?

[landsman]

This is exactly what we need too. Probably some kind of regex support for a domain name would be the best quick fix!

[rodolfofranco]

We are also in need of this feature, is there any update on this?

[landsman]

or just REST API would be great! 🙏

[cesariomartins]

Hi, We are also in need for this. Actually this is a must for our project and the alternative is really to find another auth provider - which would be a big headache. Pls, let us know if this is consider in the upcoming roadmap tks

[stefafafan]

Hello, I just found this issue right now. I've seen a workaround so I thought I should comment it here.

or just REST API would be great!

This seems to be possible now by using the Identity Toolkit API

• Method: projects.getConfig  |  Identity Platform Documentation  |  Google Cloud
• Method: projects.updateConfig  |  Identity Platform Documentation  |  Google Cloud

projects.getConfig returns a Config, which contains authorizedDomains which is the list of domains set.

projects.updateConfig lets you update a portion of the Config, so you can add to the response of getConfig and update the whole authorizedDomains structure.

This blog helped me understand how to use these APIs: Firebase Auth authorized domains | (p)retired I've also seen a JavaScript solution here: Any API to add an authorized domain to Firebase Auth? - Stack Overflow

[kasvith]

everything can be solved if wildcard domains are allowed

[landsman]

any update after several years? 😢

[psettachatgul]

bump

[landsman]

I lost patience with Firebase. Consider @supabase as a progressive replacement.

[abseht]

@landsman just in case you are still waiting. As of now, I am using "Blaze Plan" and I can use Firebase Auth to access temporarily deployed applications in sub-domains. Namely, in Authorized Domains I have URLs as company.com and development.company.com and I am able to access services on service.development.com or services-pr.development.company.com I do not have any additional configuration. Hope it helps.