75 results found
-
Add option to block client-side password reset in firebase
See here: https://stackoverflow.com/questions/77313457/block-client-side-password-reset-in-firebase
I would like to be able to disable all client-side password resets, both sending a password reset email and directly updating a password after re-authenticating so I can do all my logic though the admin API in functions.
For example, add and option in Authentication -> settings -> user actions that blocks client-side password resets (throws an 'auth/admin-restricted-operation')
(Would be nice to have this option for all auth functions, so you can decide to control access for everything better)
6 votes -
Disable Passwordless Sign-In for E-mail
As Firebase is retiring Dynamic Links, it is no longer possible to set up the Dynamic Link required for Passwordless Sign-In via e-mail. I recommend that either Firebase disable Passwordless Sign-In, or that they update their documentation outlining the new method to do Passwordless Sign-In without their Dynamic Link.
2 votes -
generateRecoverEmailLink
Just as there is "generatePasswordResetLink" to obtain the link to reset the password, I need a method to obtain the link to recover the email, after an email change.
The same link that is sent in the email when an email change is made using "updateEmail" from the front.
Since without that, there is no way to use Firebase to reverse an email change through a link in a custom email, and I would have to build a complete flow on my website for this.
1 vote -
Authentication feature in Android Wear / WearOS application
The ability to handle autentication and registration feature in android wear / wearos applications, using FirebaseUI or the official firebase auth library in gradle.
Ideally, the same features promoted to android apps but in the wearable world, taking in account the considerations related to battery, performance and data fetching and processing applied to wearables.
1 vote -
Authentication feature in Android Wear / WearOS application
The ability to handle autentication and registration feature in android wear / wearos applications, using FirebaseUI or the official firebase auth library in gradle.
Ideally, the same features promoted to android apps but in the wearable world, taking in account the considerations related to battery, performance and data fetching and processing applied to wearables.
2 votes -
Shorten email verification link
I am building a web application using Firebase authentication. I require email verification to have users access our platform. Currently, the link is quite long, but I was wondering if there was any way to shorten the URL to make it more user friendly, and to make it look less spam-like
3 votes -
Support declaring windows-app-web-link JSON file to allow Firebase auth in Windows apps
In order to catch Firebase redirect URL like
https://<app>.firebaseapp.com/__/auth/handler
Windows requires windows-app-web-link JSON file to bedclared in the root likehttps://<app>.firebaseapp.com/windows-app-web-link
https://learn.microsoft.com/en-us/windows/uwp/launch-resume/web-to-app-linking6 votes -
Login with WhatsApp
Just like phone auth, WhatsApp auth would be greatly beneficial for Asian markets. Users don't need to verify with OTP and us developers get access to their WhatsApp directly for promotion purposes.
3 votes -
Magic link with phone auth
Create magic links in sent SMS messages so users can click on the link in the SMS and log-in into the app, similar to email magic link auth.
2 votes -
Authenticate via email code
We can now use passwordless authentication using email link. This is troublesome on Flutter web clients (a new tab/second instance of app is opened). An option to type 4 digit code received on email to authenticate would be a nice solution.
BTW. Let me know if you could help me with the email link web client authentication, thanks!4 votes -
Whitelisted email address for testing with passwordless email link
It would be great to have a whitelisted email address to use for testing, like we have for SMS authentication, to avoid this message:
"[firebase_auth/too-many-requests] We have blocked all requests from this device due to unusual activity. Try again later."1 vote -
Allow developers to enable authentication limit to a certain collection/document(in cloud firestore) and to a certain node (in RTDB)
Currently, there is no optimal way to achieve this. If we could write a cloud function for it, then it'd be great.
1 vote -
Review the revoke token from apple functionality
I'm implementing a Login with Apple and everything went smooth until I had to delete the account. According to Apple guidelines I need to revoke the token. However, in the Firebase documentation it says I should implement the following:
Auth.auth().revokeToken(withAuthorizationCode: authCodeString)
But the revokeToken method is no longer available. I haven't found yet a way to do it.
Thanks,
Jose
1 vote -
Review the revoke token from apple functionality
I'm implementing a Login with Apple and everything went smooth until I had to delete the account. According to Apple guidelines I need to revoke the token. However, in the Firebase documentation it says I should implement the following:
Auth.auth().revokeToken(withAuthorizationCode: authCodeString)
But the revokeToken method is no longer available. I haven't found yet a way to do it.
Thanks,
Jose
1 vote -
Security vulnerability on using SHA-1 weak hash algorithm
Firebase using SHA-1 weak hash algorithm. This is being raised as Security vulnerability. Recommended to upgrade the hash algorithm.
2 votes -
Custom Claims Editor
Show Custom Claims and allow them to be managed in the Firebase Authentication Console (like in the Emulator). Usefull for manually creating the first super user, for example.
32 votes -
250 votes
Hi folks, this is being actively worked on, and is expected to preview sometime in H1 2024. Thank you for using UserVoice to help us prioritize!
-
4 votes
-
Create custom OTP request to revalidate user
Firebase should have capability for the developer to generate OTP (sent on cellphone or email as per developer's requirement) and should have a mechanism to validate the OTP.
This will be very useful during user authentication when changing some critical data/setting (especially related to finance/money) or when making payment.1 vote -
Option to enable MFA by provider
There should be an option to turn on MFA for a user for specific provider (e.g., password). Since user's Google signin might have MFA already, it's sort of inconvenient to have extra MFA barrier for Firebase Auth tenant.
4 votes
- Don't see your idea?