Skip to content

General

General

Categories

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

75 results found

  1. Food delivery services usually need to know the phone number of their customers, to guarantee that the deliveries will be smooth.

    So, a food delivery app would probably prefer authenticating users by phone number rather than by email address.

    Phone auth on its own isn’t particularly secure, though, so it would be nice to allow users to optionally add email authentication as a second factor.

    As of right now, phone auth doesn’t support MFA, though, which means that a food delivery app might want to force users to use email and phone 2FA right away, which might seem intrusive to…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Currently, we only have the option to use TOTP 2fa or SMS. Security keys are quickly gaining popularity, as it is a more secure option. Please add this.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. Add the ability to configure social authentication methods like Google, Facebook, etc. like how OIDC and SAML can be done.

    Also, the ability to use the parent configuration for Google Authentication so it is just an enable like in the Web Console UI. This reduces the overhead code that we need to provide if all we are doing is splitting into different tenants for management reasons.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. Support some additional data sent during the signInWithEmailAndPassword that can be read in the beforeCreate

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Firebase currently only allows you to add custom claims to ID tokens, and it suggests adding role based access control (RBAC) permissions in those ID token claims.

    RBAC custom claims should be added to the access token which is already included in the Authorization header in all API requests, so the API already has access to the token that it needs. Additionally including an ID token in API requests so that the API can read permissions from it is overly complicated and superfluous.

    Furthermore, you should be able to add these claims to access tokens for specific users via the…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. 2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. GitHub Apps are now the preferred alternative to GitHub Oauth Apps. When authenticating with Firebase Auth and a GitHub App, the app is "authorised" but not "installed", which can lead to inconsistent behaviour (https://github.com/orgs/community/discussions/61677). It would be nice if the GitHub provider had an option for prompting the user to "Authorise and Install" rather than only "Authorise".

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. As Firebase is retiring Dynamic Links, it is no longer possible to set up the Dynamic Link required for Passwordless Sign-In via e-mail. I recommend that either Firebase disable Passwordless Sign-In, or that they update their documentation outlining the new method to do Passwordless Sign-In without their Dynamic Link.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. The ability to handle autentication and registration feature in android wear / wearos applications, using FirebaseUI or the official firebase auth library in gradle.

    Ideally, the same features promoted to android apps but in the wearable world, taking in account the considerations related to battery, performance and data fetching and processing applied to wearables.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. Create magic links in sent SMS messages so users can click on the link in the SMS and log-in into the app, similar to email magic link auth.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. Firebase using SHA-1 weak hash algorithm. This is being raised as Security vulnerability. Recommended to upgrade the hash algorithm.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. 2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. Currently there is no way to customize the email sent to users who authenticate via email (deep ?) link. I understand / accept the rational for this.

    For Firebase projects with multiple Apps, this leads to all authentication emails having a single title (and link) based on the "public-facing name" set in "Project settings". It would be good to have an option to use the "app nickname" used for each of the Apps within the project to form the basis for the email title + link text. This would give users more confidence that they've received a valid login email…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. Would be a HUGE cost saver given the increased pricing of SMS multi factor authentication.

    If Firebase knows the phone number / email via another project, offer the app user to share their phone number with this app and skip costly SMS verification.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. Dear Firebase Support Team,

    I hope this message finds you well. I am reaching out to share a suggestion that I believe could greatly benefit Firebase Authentication and developers working on more complex applications.

    Currently, Firebase Authentication provides excellent flexibility with signInWithPhoneNumber and createUserWithEmailAndPassword, allowing projects to authenticate users using either a phone number or an email/password combination. However, in certain projects, both the phone number and email/password are essential to meet higher security standards and user profile requirements.

    In these cases, having an integrated authentication flow that combines signInWithPhoneNumber and createUserWithEmailAndPassword within a single, cohesive process would be highly…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. Add an option for the password policy to require users to create a new, unique password that has never been used for their accounts.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. Currently, sending email verification is done through the client-side sdk. There is no method (to my knowledge) for sending email verification via the Admin SDK in a server environment.

    The only workaround seems to be the "generateEmailVerificationLink" function but that requires the use of a custom email service. This is different from the client-sdk functionality.

    The use case is SSR focused apps where user creation is also done via the Admin SDK and/or where support for no-js availability is a requirement.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. I saw this on the documentation website: "Note: The limits for email link sign-in emails were recently changed. Please add a billing instrument to go beyond 5 email link sign-in emails."

    It's really strange that you quietly set the limit of sign-in emails to 5. Why? It makes no sense. For testing it's too low, and for production of course.

    First you hook developers up to Firebase and then you quietly lower the limits. Good business practices.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. I have a domain with the extension: .guru,
    but when I enter the domain to firebase for authentication, it doesn;t accept it as a valid domain name! HELP PLEASE!

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. As of now, there is no way we can set a custom expiration time for the Email Signin with link authentication. Our use case is that we generate this link through admin sdk and then mail the users (as an invite).

    Hence, it becomes really important for us to have a custom expiration time.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?