Firebase Adapter
Using the Firebase Admin SDK and Firestore.
Resources
Setup
Installation
npm install @auth/firebase-adapter firebase-admin
Environment variables
// Auth via Service Account File
GOOGLE_APPLICATION_CREDENTIALS
// Auth via key values
AUTH_FIREBASE_PROJECT_ID
AUTH_FIREBASE_CLIENT_EMAIL
AUTH_FIREBASE_PRIVATE_KEY
Configuration
import NextAuth from "next-auth"
import { FirestoreAdapter } from "@auth/firebase-adapter"
export { handlers, auth, signIn, signOut } = NextAuth({
adapter: FirestoreAdapter(),
})
Authentication
Service Account File
First, create a Firebase project and generate a service account key. Visit: https://console.firebase.google.com/u/0/project/{project-id}/settings/serviceaccounts/adminsdk
(replace {project-id}
with your project’s id)
- Download the service account key and save it in your project. (Make sure to add the file to your
.gitignore
!) - Add
GOOGLE_APPLICATION_CREDENTIALS
to your environment variables and point it to the service account key file. - The adapter will automatically pick up the environment variable and use it to authenticate with the Firebase Admin SDK. You do not need to pass any additional authentication options to the adapter.
Service Account Values
- Download the service account key to a temporary location (Don’t commit this file!).
- Add the following environment variables to your project
a.AUTH_FIREBASE_PROJECT_ID
b.AUTH_FIREBASE_CLIENT_EMAIL
c.AUTH_FIREBASE_PRIVATE_KEY
import NextAuth from "next-auth"
import { FirestoreAdapter } from "@auth/firebase-adapter"
import { cert } from "firebase-admin/app"
export const { handlers, auth, signIn, signOut } = NextAuth({
adapter: FirestoreAdapter({
credential: cert({
projectId: process.env.AUTH_FIREBASE_PROJECT_ID,
clientEmail: process.env.AUTH_FIREBASE_CLIENT_EMAIL,
privateKey: process.env.AUTH_FIREBASE_PRIVATE_KEY,
}),
}),
})
Using an existing Firestore instance
If you already have a Firestore instance, you can pass that to the adapter directly instead.
When passing an instance and in a serverless environment, remember to handle duplicate app initialization.
You can use the initFirestore
utility to initialize the app and get an
instance safely.
import NextAuth from "next-auth"
import { FirestoreAdapter } from "@auth/firebase-adapter"
import { firestore } from "lib/firestore"
export const { handlers, auth, signIn, signOut } = NextAuth({
adapter: FirestoreAdapter(firestore),
})
Utility function that helps making sure that there is no duplicate app initialization issues in serverless environments.
If no parameter is passed, it will use the GOOGLE_APPLICATION_CREDENTIALS
environment variable to initialize a Firestore instance.
import { initFirestore } from "@auth/firebase-adapter"
import { cert } from "firebase-admin/app"
export const firestore = initFirestore({
credential: cert({
projectId: process.env.FIREBASE_PROJECT_ID,
clientEmail: process.env.FIREBASE_CLIENT_EMAIL,
privateKey: process.env.FIREBASE_PRIVATE_KEY,
}),
})