Firebase Authentication FIREBASE

Firebase Authentication  

Firebase Authentication

Firebase Authentication

  • Firebase Authentication provides all the server-side stuff for authenticating the user. Firebase Authentication becomes easy with SDK. It makes API easy to use.
  • Firebase Authentication also provides some user interface libraries which enable screens for us when we are logging it.
  • Firebase authentication supports authentication using a password, phone numbers, popular identity provider like Google, Facebook, and Twitter, etc.
  • We can sign in users to our app by using the FirebaseUI.
    • It handles the UI flows for signing in user with an email address and password, phone numbers, and popular providers, including Google sign-In and Facebook Login.
    • It can also handle cases like account recovery.
    • It is not required to design a UI since it is already provided for us. It means we don't have to write the activities.
  • We can also sign-in users using the Firebase Authentication SDK to integrate one or several sign-in methods into our app manually.


Firebase UI Authentication is a way to add a complete sign-in system to our app, where Firebase provides the user interface to them. Firebase UI provides a drop-in auth solution that is used to implement authentication on mobile devices and websites.

Firebase UI can be easily customized to fit with the rest of our app's visual style. It is open-source, so we are not constrained in modifying the user experience to meet our apps need.

There are the following steps to use Firebase UI Authentication:

  • Set up sign-in methods:
    • Enable authentication method in the firebase console.
      • For email address and password, phone number sign-in, and any identity providers.
    • We have to complete the configuration if anyone requires for identity providers.
      • Setting our OAuth redirect URL.
  • Customize the sign-in UI.
    • For customizing the sign-in and UI, we have to set some Firebase UI options or fork the code on GitHub.
  • To perform the sign-in flow, use Firebase UI:
    • Import the Firebase UI library.
    • Specify the sign-in method which we want to support.
    • Initiate the Firebase UI sign-in flow.


How Does Authentication work?

  • We first get authentication credentials from the user to sign a user into our app.
    • Credentials can be the user's email address and password.
    • The credential can be an OAuth token from an identity provider.
  • We then pass these credentials to the Firebase Authentication SDK. Backend services will then verify those credentials and return a response to the client.
  • After a successful sign in:
    • We can access the user's access to data stored in other Firebase products.
    • We can access the user's basic profile information.
    • We can use the provided authentication token to verify the identity of users in our own backend services.
  • An authenticated user can read and write data to the Firebase Real-time Database and Cloud Storage.
    • We can control the access of those authenticated users by modifying the Firebase Database Rules and Storage Security Rules.


  • A Firebase User object represents the account of a user who has signed up to the app in the Firebase project. Apps have many registered users, and every app in a Firebase project shares a user database.
  • Firebase User instance is independent of a Firebase Auth instance. It means we can have several references to different users within the same context and still call any of their methods
  • A Firebase User has a fixed set of basic properties such as Unique ID, Primary email address, Name, and a photo URL.
  • Firstly, a user signs up to the app. The user's profile data is populated with the primary email address if using email/password auth, account information available by the provider if using identity auth, and anything we want if using custom auth.
  • The user becomes the current user of the Auth instance when a user signs up or signs in.
  • The Auth instance stops to keep a reference to the User object. And no longer persists it states when a user signs out:
    • No current user
    • The user instance continues to be completely functional
    • If we keep a reference to it, we can still access and update the user's data.
  • Using listeners is the recommended way to track the current state of the Auth instance.
    • An Auth listener gets notified any time when something relevant happens to the Auth object.

User Lifecycle

  • An Auth listener gets notified in the following situation
  • The Auth object finishes initializing, and a user was already signed in from a previous session or has been redirected from an identity provider's sign-in flow
  • A user signs in.
  • A user signs out.
  • The current user's access token is refreshed:
    • The access token expires.
    • The user changes their password.
    • The user re-authenticates

Learn Programming for Free

Join Programmers Community on Telegram

Talk with Experienced Programmers

Just drop a message, we will solve your queries