2

I'm using Firebase web in a mobile project. When users sign up with their email address, I'm using the firebase.auth().sendSignInLinkToEmail() function to send them a link they can use to log in.

The email contains a link that says "sign in to MY_APP_NAME". The href attribute for that link is:

https://MY_APP_NAME.firebaseapp.com/__/auth/action?apiKey=AIzaSyAF5D9sxHKgzlvTKk9JYU7qlsTl5K23lrI&mode=signIn&oobCode=u9DDHZP8iAAJQCW-CA39CYhZAMzNRB4TCBI2z0KwZ7EAAAFv6Gq6Xg&continueUrl=MY_FANCY_DOMAIN_WITH_REDIRECTS&lang=en

But when I click that link, I get a warning:

Suspicious link This link leads to an untrusted site. Are you sure you want to proceed to MY_APP_NAME.firebaseapp.com?

Does anyone know how I can get rid of this warning? This thread suggested adding a Google TXT record to my fancy domain's DNS configuration via the Google postmaster service would solve this problem but that didn't help. Any suggestions would be hugely helpful!

Frank van Puffelen
  • 565,676
  • 79
  • 828
  • 807
duhaime
  • 25,611
  • 17
  • 169
  • 224
  • Puf! Thank you for your edit. I feel like Elvis just walked right by me. Just to be clear, the `continueUrl` value is a custom domain I set up in AWS Cloudfront + S3, but that site isn't hosted in Firebase. I configured SSL for the host. – duhaime Jan 28 '20 at 01:53
  • Hmm, roughly 10 hours after sending the first email, verifying a Postmaster TXT record on my host, and configuring SSL (all these things happened quickly last night) for the site to which users are redirected, the links are no longer displaying the Suspicious Link message. – duhaime Jan 28 '20 at 10:02

0 Answers0