What is the purpose of using two tokens in firebase ? - firebase authentication query for a server client web application

0
votes

Firebase provides a client sdk for web and an admin sdk for backend server to create a user session. In a microservices architecture based cloud application, do we have to create a custom token at the server side when a user tries to log into our system and then allow the client using java-script based client sdk to create another id-token with the custom token for continuing the client interaction within that session ?

Why do we need two tokens i.e Custom Token(Admin SDK) and Id Token(Client SDK) for user authentication ?

1
firebasefirebase-authentication

1 Answers

0
votes

You need only one of the two tokens for each user, depending on whether you're using a custom provider to sign that user in, or one of the built-in providers.

  • If you use one of the existing providers you'll use its ID token.
  • If you create a custom provider, you'll create your own (custom) token for the user. This custom token essentially takes the place of the ID token that you'd use with the default provider.

To learn all about the various token types that Firebase Authentication has, read the blog post Demystifying Firebase Auth Tokens.