Skip to content
← General

I suggest you ...

General: Firebase AI Logic

Categories

JUMP TO ANOTHER FORUM

(thinking…)

Vertex AI only for authenticated users

Currently, App Check is the only mechanism to control access to the Vertex API. This is not always practical and does not allow per-user access control.
Please add a mechanism similar to Security Rules for Firestore, to enforce only authenticated Firebase users to access the AI APIs.

8 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Marco Ancona shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • C B commented  ·   ·  Report

    Yes! I really wanted to use Vertex AI in my native App, especially for pro users. The implementation was easy, thanks to firebase. But I still decided against using it, because the only protection layer is app check, which is not enough in my eyes. Having to implement all of the protection logic (like isProUser, isAuthenticated, rate limits, ...) only in the client is very bad. Now I am using firebase functions to make all the ai api calls securly in the backend.

    Like Marco shared, please implement something like per-user access control mechanism similar to Security Rules for firestore, with the possibility of using custom claims and I would be very excited to use Vertex Ai for my apps.

    https://www.reddit.com/r/Firebase/comments/1ji9393/limiting_vertex_ai_api_usage_per_user_in_firebase/