0
votes

I'm trying to implement authentication with custom generated tokens.

These tokens are generated on the authentication server when authentication is successful.

I then pass said token to my Firebase app with

firebase.auth().signInWithCustomToken(token)

and get a 400 response with this error message:

The custom token format is incorrect

As I said, these tokens are generated independently from Firebase and, from reading here, I think that's my problem.

My question: is it possible to set custom token authentication without setting up the service account private key on the authentication server?

1 Answer

3
votes

There is no way to mint a custom authentication token without knowing the private key and service account of the project. The private key is used to sign the token, so that the server can verify its validity. Allowing tokens to be minted without that would be a huge security risk.
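
The signing step the answer describes, as an added example that is not part of the original question or answer: a Node.js sketch that mints a token with the claim set Firebase documents for custom tokens and then checks it the way a verifier holding only the public key could. The function names, the service-account e-mail and the throwaway key pairs are assumptions made for illustration; this is not Firebase's own verification code.

```javascript
// Added example: function names, e-mail and key pairs are constructed for illustration.
const crypto = require('node:crypto');

// Audience value Firebase documents for custom tokens.
const AUD = 'https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit';
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');

// Mint: an RS256 JWT whose iss/sub name the service account, signed with its private key.
function mintCustomToken(sa, privateKey, uid, now = Math.floor(Date.now() / 1000)) {
  const header = { alg: 'RS256', typ: 'JWT' };
  const claims = { iss: sa, sub: sa, aud: AUD, iat: now, exp: now + 3600, uid };
  const signingInput = `${b64url(header)}.${b64url(claims)}`;
  const sig = crypto.sign('RSA-SHA256', Buffer.from(signingInput), privateKey);
  return `${signingInput}.${sig.toString('base64url')}`;
}

// Verify: returns null when the token is acceptable, otherwise the reason it is rejected.
function rejectReason(token, sa, publicKey, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return 'not a three-part JWT';
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url').toString());
    claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
  } catch {
    return 'header or payload is not base64url JSON';
  }
  if (header.alg !== 'RS256') return 'alg must be RS256';
  if (claims.iss !== sa || claims.sub !== sa) return 'iss/sub must be the service account';
  if (claims.aud !== AUD) return 'wrong aud';
  if (typeof claims.uid !== 'string' || claims.uid.length < 1 || claims.uid.length > 128) return 'bad uid';
  if (!(claims.iat <= now && now < claims.exp && claims.exp - claims.iat <= 3600)) return 'bad iat/exp';
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  const ok = crypto.verify('RSA-SHA256', signed, publicKey, Buffer.from(parts[2], 'base64url'));
  return ok ? null : 'signature does not match the service account key';
}

// Same claims, two different signing keys: only the project's key yields an accepted token.
function demo() {
  const sa = 'signer@example-project.iam.gserviceaccount.com'; // constructed value
  const project = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const other = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return {
    projectKey: rejectReason(mintCustomToken(sa, project.privateKey, 'user-1'), sa, project.publicKey),
    otherKey: rejectReason(mintCustomToken(sa, other.privateKey, 'user-1'), sa, project.publicKey),
  };
}
```

A token produced by an independent authentication server fails one of the earlier checks or the final signature check, which is why the private key has to be available wherever tokens are minted.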