How are we supposed to setup Default Application support for Firebase?

[Vincent Woo]

Hi, I'm finally trying to migrate to Firebase 3.x and using firebase-admin on the backend. This is proving difficult.

I am running cloud instances on GCP. I have a project called, lets say "project-compute" with a default service account of "project-compute-account".

I also have a firebase account with "firebase-project" and a default service account of "firebase-adminsdk".

How do I make it so that invoking:

firebase.initializeApp

  credential: firebase.credential.applicationDefault()

  databaseURL: process.env.FIREBASE_ROOT

works from node.js on one of these instances. I've tried giving the "project-compute-account" editor permissions on "firebase-adminsdk", as well as adding "project-compute-account" as a top-level editor on the "firebase-project" IAM. Neither seemed to work.

Locally, running "gcloud auth application-default login" seems to work when testing in development mode.

Help!

[Jacob Wenger]

Hey Vincent,

Great to hear from you again!

In theory, if you are running the Admin SDK on GCP infrastructure, the application default credential should just work, without any need to touch service accounts on our end. Clearly that is not the case, but I need some more information to help you debug this.

Typically, when you create a GCP project or a Firebase project (they are pretty much one and the same), there are some service accounts which are created for you automatically. For GCP projects, you get a Google App Engine default service account and a Google Compute Engine default service account. For Firebase projects, you also get a firebase-adminsdk service account. If you go to your service accounts page, which of these do you see?

Also, what is the error you are getting? Make sure you are using the latest version of the Firebase Admin SDK (4.1.3) since we added some extra logging to do our best to log a useful error when provided with all types of invalid credentials. I'm curious if the SDK is having trouble generating access tokens or if the access tokens just don't belong to the right project or what.

If nothing is being logged at all, make sure to turn on Database debug logging (firebase.database.enableLogging(true)) and look through the logs for some connection failures.

Also, as a sanity check, can you confirm the value of process.env.FIREBASE_ROOT has the format https://<DATABASE_NAME>.firebaseio.com when you console.log() it?

Hopefully once I have some more information, I can figure out what is going wrong and offer some actual suggestions on how to fix things.

Cheers,

Jacob

--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-talk+unsubscribe@googlegroups.com.
To post to this group, send email to fireba...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/e6f87ee6-842b-4b09-a879-dacfd8abf934%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.