Auth0 Home Blog Docs

React + Auth0 + Firebase

react
firebase

#1

I’m trying to use Auth0 JWT Tokens with Firebase, with no much luck.

When using the token with Firebase:

const token = localStorage.getItem('id_token');
firebase.auth().signInWithCustomToken(token)

All I get is:

“The custom token format is incorrect. Please check the documentation.”

As far as I saw in Firebase’s documentation Auth0 and Firebase tokens are different:
https://firebase.google.com/docs/auth/admin/create-custom-tokens

Firebase expects an uid which is not present in the one generated by Auth0 (sub).

I tried to create a rule to modify the Auth0’s token to include a copy of sub named uid to see if this could be a solution, but it’s not working, nothing is added to the body of the token.

function (user, context, callback) {
  context.idToken.uid = user.user_id;
  callback(null, user, context);
}

Any idea / suggestion?

PS:

1.I checked the token in jwt.io and its valid.
2.I tried reducing the exp time to less than 1h, as I saw some people considering this a possible solution, but its not.


#2

I don’t believe you can use Auth0’s token directly with Firebase. You have to proxy that through an API which will use firebase-admin to issue a token.

We have a pretty nice example with Firebase and Auth0 in this blog post. If you skip everything about angular, you can actually see the code to issue the token in the Server section:

app.get('/auth/firebase', jwtCheck, (req, res) => {
    // Create UID from authenticated Auth0 user
    const uid = req.user.sub;
    // Mint token using Firebase Admin SDK
    firebaseAdmin.auth().createCustomToken(uid)
      .then(customToken => 
        // Response must be an object or Firebase errors
        res.json({firebaseToken: customToken})
      )
      .catch(err => 
        res.status(500).send({
          message: 'Something went wrong acquiring a Firebase token.',
          error: err
        })
      );
  });