You're viewing the legacy docs. They are deprecated as of May 18, 2016.
These docs are for version 2.5.2 and below of the Java SDK. Go to our current docs, or see our Android migration guide.

Java Android Guide

Google Authentication

Configuring Your Application

To get started with Google authentication for your Android application, you need to first create a Google Cloud Platform (GCP) project. Use one of your existing projects listed on that page or click the Create project button and fill in a name and ID for your project. Once your project is created, navigate to the OAuth consent screen within the GCP API management console and specify the Product name shown to users.

Clicking Save takes you to the GCP API credentials management screen where you should select OAuth client ID from the Create credentials dropdown. Since you are setting things up for an Android application, select Android under Application Type. Give your client ID a useful Name and then enter your Android application's package name and signing-certificate fingerprint.

Click Create and copy the resulting OAuth client ID. Head on over to the Login & Auth section in your Firebase App Dashboard. Enable Google authentication and then paste your client ID into the Google Client ID input. You can always find your Android application's client ID from the GCP API credentials management screen. For Android applications, you can leave the Google Client Secret input blank.

Authenticating Google Users to Your Firebase App

Once your application has been setup to log users in with the Google provider, your application can take advantage of the Security and Firebase Rules used to protect data.

To log a user in, you will need a Google OAuth access token returned by the login flow provided by the Google+ SDK:

Firebase ref = new Firebase("https://<YOUR-FIREBASE-APP>.firebaseio.com");
ref.authWithOAuthToken("google", "<OAuth Token>", new Firebase.AuthResultHandler() {
    @Override
    public void onAuthenticated(AuthData authData) {
        // the Google user is now authenticated with your Firebase app
    }

    @Override
    public void onAuthenticationError(FirebaseError firebaseError) {
        // there was an error
    }
});

The authData object returned to your callback contains the following getter methods:

authData Object
Field Description Type
getUid() A unique user ID, intended as the user's unique key across all providers. String
getProvider() The authentication method used, in this case: google. String
getToken() The Firebase authentication token for this session. String
getAuth() The contents of the authentication token, which will be available as the auth variable within your Security and Firebase Rules. Map<String,Object>
getExpires() A timestamp, in seconds since the UNIX epoch, indicating when the authentication token expires. Long
getProviderData() A Map containing provider-specific data. Map<String,Object>
getProviderData().get("id") The Google user's ID. String
getProviderData().get("accessToken") The Google OAuth 2.0 access token granted by Google during user authentication. String
getProviderData().get("displayName") The Google user's full name. String
getProviderData().get("email") The Google user's primary email address as listed on their profile. Returned only if a valid email address is available, and the Google email permission was granted by the user. String
getProviderData().get("profileImageURL") The URL of the Google user's profile picture. String
getProviderData().get("cachedUserProfile") The Google user's raw profile, as specified by Google's user documentation. Note that the data included in this payload is generated by Google and may be changed by them at any time. Map<String,String>

Security & Rules

Now that the client is logged in, your Security and Firebase Rules have access to their verified account data. The auth variable contains the following values:

auth Variable
Field Description Type
uid A unique user ID, intended as the user's unique key across all providers. String
provider The authentication method used, in this case: google. String

Here is an example of how to use the auth variable in your Security and Firebase Rules:

{
  "rules": {
    "users": {
      "$uid": {
        // grants write access to the owner of this user account whose uid must exactly match the key ($uid)
        ".write": "auth !== null && auth.uid === $uid",

        // grants read access to any user who is logged in google
        ".read": "auth !== null && auth.provider === 'google'"
      }
    }
  }
}
See the User Based Security articles for more details.
  1. 1

    Next

    Installation & Setup

  2. 2

    Next

    Understanding Data

  3. 3

    Next

    Saving Data

  4. 4

    Next

    Retrieving Data

  5. 5

    Next

    Structuring Data

  6. 6

    Next

    Understanding Security

  7. 7

    Next

    User Authentication

  8. 8

    Next

    Offline Capabilities