0

I'm using Oauth2 to authenticate third party Firebase project owners with their Google account to grant access to their Firestore Cloud Platform Projects. My goal is to get database triggers running, not from my own database, but on a database owned by a third party admin, i.e a database I do not own or have direct access to.

For my own admin I would use, with my own service account:

const admin = require('firebase-admin');

const serviceAccount = require('./path/to/serviceAccountKey.json');

admin.initializeApp({
  credential: admin.credential.cert(serviceAccount)
});

const db = admin.firestore();

Is there a way for a third party Firebase admin to grant access to their database without manually sharing their project?

Open to options that are not exclusively via firebase-admin sdk?

Possible options would maybe something like:

  1. Get third party access via Oauth
  2. Exisiting Google Cloud API to get either their serviceAccount.json or Firebase Project Settings via Oauth permission or otherwise.

To achieve this:

const admin = require('firebase-admin');
    
   //Maybe this??
    const thirdPartyServiceAccount = require('./path/to/serviceAccountKey.json');
    
    admin.initializeApp({
      credential: admin.credential.cert(serviceAccount)
    });
    
   //Or this??  
    admin.initializeApp({
      credential: admin.credential.refreshToken(thirdPartyRefreshToken)
    });


    const thirdPartyDB = admin.firestore();
fitzmode
  • 1,007
  • 1
  • 18
  • 29
  • The short answer is this: what you're trying to do isn't supported by the backend SDKs for Firestore. – Doug Stevenson Sep 11 '20 at 15:10
  • @DougStevenson Any suggestions on how I can achieve getting permissions to another Google user's Firestore projects and use database triggers on their behalf? Is it possible to perhaps get a service account of another user programatically if this can't be achieved through oauth? – fitzmode Sep 12 '20 at 11:11

0 Answers0