Calling Firebase Remote Config REST API without auth

1
votes

I want to use Firebase Remote Config API via REST in a mobile app. Due to technical limitations, I can't use the Android/iOS SDK so I have to resort to the REST API.

However, that API requires authentication using a private key -- obviously I can't include that key in the application.

I don't need any other Firebase service at this time, just the remote config.

How can I work around this limitation? I tried following the guide at https://firebase.google.com/docs/remote-config/use-config-rest, but as mentioned it requires to first generate a short-lived OAuth2 token using the auth API.

1
firebaserestfirebase-remote-config
Why can't you add a public key? The purpose of a public key is that it can be known by everybody without harm...xwoker
There's no public key. I have a file from Firebase with a generated private key. You're supposed to authenticate yourself to Firebase using their client library (python, java, etc). Obviously there's also a public key that is sent to Firebase, but using it in an app will still require to put the private key there, too.noamtm
Perhaps you update the question? It currently says " "that API requires authentication using a public key -- obviously I can't include that key in the application". Did you mean "private key"? (Which you really shouldn't put into the app.xwoker

1 Answers

1
votes

According to the documentation on using the Remote Config REST API:

This document describes how you can use the Remote Config REST API to read and modify the set of JSON-formatted parameters and conditions known as the Remote Config template.

So the REST API is for modifying Remote Config variables, the type of action you could also do in the Firebase console. It is not for use in regular clients, which consume the configuration variables. For that you'll have to use one of the provided clients, as there is no REST API and the wire protocol is not documented.