Token expiration and storage requests

[Ryan Mills]

Hi,

After what interval does Firebase re-issue a new token to a client for database requests and is this the same for storage requests?

I was receiving unauthorized errors for storage requests on a Javascript client when I left the client idle for half a day.

I will run a test to confirm this but it would still be great to know the lifespan of a token.

Ryan

[Jacob Wenger]

Hey Ryan,

The underlying Firebase Auth ID tokens that are used to authenticate to the Realtime Database and Storage expire after one hour, but are automatically refreshed under the hood on your behalf. What exact errors are you seeing and can you share a repro with us?

Cheers,

Jacob

--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-talk+unsubscribe@googlegroups.com.
To post to this group, send email to fireba...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/a13949b8-cb91-4818-b51c-853a609b0db5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Ryan Mills]

I bumped into an unauthorized error when using firebase.storage() put() method - It didn't return an unauthorized for the database after a period of time, just storage.

Can you confirm that storage requests will also automatically refresh the token before they are called too?

I will create a test to confirm following.

Ryan

On Thursday, September 1, 2016 at 3:05:17 AM UTC+10, Jacob Wenger wrote:

Hey Ryan,

The underlying Firebase Auth ID tokens that are used to authenticate to the Realtime Database and Storage expire after one hour, but are automatically refreshed under the hood on your behalf. What exact errors are you seeing and can you share a repro with us?

Cheers,

Jacob

On Tue, Aug 30, 2016 at 10:37 PM, Ryan Mills <ry...@rmills.id.au> wrote:

Hi,

After what interval does Firebase re-issue a new token to a client for database requests and is this the same for storage requests?

I was receiving unauthorized errors for storage requests on a Javascript client when I left the client idle for half a day.

I will run a test to confirm this but it would still be great to know the lifespan of a token.

Ryan

--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.

To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.

[Jacob Wenger]

Hey Ryan,

Yes, the ID tokens used for the Realtime Database and Storage are the same and are automatically refreshed on your behalf. That being said, we do not proactively refresh them, so you may see a failure to read or write from the Database or Storage followed by a successful read or write once we refresh the underlying ID token. Maybe that is the failure you are seeing? Does the client recover once the failure occurs or do all subsequent reads and writes fail?

Cheers,

Jacob

To unsubscribe from this group and stop receiving emails from it, send an email to firebase-talk+unsubscribe@googlegroups.com.

To post to this group, send email to fireba...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/64e1a32f-f35c-456c-b02d-fedda71e2dac%40googlegroups.com.