Edit: I've figured out how to implement this with a middle proxy layer; you can watch it on YouTube. I'm leaving the rest of the article unedited as it's still quite accurate.
If you're here because you are trying to figure out how to use Firebase for SSO purposes, let me be the first to tell you:
Firebase Authentication WAS NOT DESIGNED FOR SSO.
Turns out that a Federated IdP is not the same thing as an IdP. Who would’ve thunk it?
HOWEVER. Can you build your own flows around it? Probably!
If you’ve worked with Firebase, you know it’s an amazing suite of products that allows you to rapidly prototype and build extremely scalable websites.
However, if you’re wondering if you can use Firebase Authentication for SSO, well, you can’t. Firebase Authentication is a federated IdP management system. It is the “client” in the OIDC/OAuth flow, not the provider, so another application can’t in turn use it as its identity provider: you can’t be a client of a client.
There are tools that exist for this sort of thing, such as OneLogin, which are true SSO solutions. Firebase Authentication is a good authentication tool for your websites, but it will not solve your SSO problems outside of that.
Interestingly enough, you can bypass Firebase and then use one of the underlying IdPs to SSO into platforms. For example, instead of using Google Login through Firebase, you could just use Google Login. Same with Facebook Login. These are true IdP solutions which implement the OIDC and OAuth2 frameworks correctly. But when Firebase is in the middle, you cannot use them except to log into a web app you are building.
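To make the "Firebase in the middle" point concrete, here is an added example (not from the original article) of the issuer and audience checks an OIDC relying party runs on an ID token, applied to a Google-issued token and to a Firebase-issued one. It assumes Firebase's documented ID token format (`iss` of `https://securetoken.google.com/<project-id>`, `aud` equal to the project ID); the client ID, project ID and both tokens are constructed samples, and signature verification is left out.

```python
import base64
import json
import time

NOW = 1_700_000_000  # fixed clock so the constructed samples never expire
PLATFORM_CLIENT_ID = "platform-client.apps.googleusercontent.com"  # hypothetical
FIREBASE_PROJECT = "my-firebase-project"                           # hypothetical

def b64url(obj):
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def fake_jwt(claims):
    # Constructed sample: real tokens carry an RS256 signature, this one a stub.
    return ".".join([b64url({"alg": "RS256", "typ": "JWT"}), b64url(claims), "sig"])

def claims_of(token):
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64 padding
    return json.loads(base64.urlsafe_b64decode(payload))

def rp_accepts(token, trusted_issuer, client_id, now=None):
    """Claim checks a relying party makes (signature check omitted here)."""
    c = claims_of(token)
    now = now or time.time()
    aud = c.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if c.get("iss") != trusted_issuer:
        return False, "issuer mismatch"
    if client_id not in audiences:
        return False, "audience mismatch"
    if c.get("exp", 0) <= now:
        return False, "expired"
    return True, "ok"

# Token a platform gets when it is itself a client of Google Login.
google_token = fake_jwt({"iss": "https://accounts.google.com",
                         "aud": PLATFORM_CLIENT_ID, "sub": "1234567890",
                         "exp": NOW + 3600})
# Token Firebase mints after it has consumed the Google login as the client.
firebase_token = fake_jwt({"iss": f"https://securetoken.google.com/{FIREBASE_PROJECT}",
                           "aud": FIREBASE_PROJECT, "sub": "firebase-uid-abc",
                           "exp": NOW + 3600,
                           "firebase": {"sign_in_provider": "google.com"}})

if __name__ == "__main__":
    for name, tok in (("google", google_token), ("firebase", firebase_token)):
        print(name, rp_accepts(tok, "https://accounts.google.com", PLATFORM_CLIENT_ID, NOW))
```

The Firebase token names the Firebase project as both issuer path and audience, so it is addressed to the app built on that project rather than to any other platform.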