You're viewing the legacy docs. They are deprecated as of May 18, 2016.
Go to current docs

REST Guide

App Management

This document explains how you can manage your app's Security and Firebase Rules through the REST API.

Writing Security and Firebase Rules

Using the REST API, you can write and update Security and Firebase Rules for your Firebase app by making a PUT request to the /.settings/rules.json path. To do this, we'll need our Firebase Secret which can be found on the Secrets tab on the left of our App Dashboard. To change our .read rule to true for all data in our Firebase database, we could make the following PUT request:

curl -X PUT -d '{ "rules": { ".read": true } }' ''

Writing Security and Firebase Rules through the REST API could be used to script the uploading of your app's rules as part of your deploy process.

Writing Security and Firebase rules through the REST API will overwrite any existing rules.

Retrieving Security and Firebase Rules

Similarly, we can make a GET request to the /.settings/rules.json path of our app's URL to retrieve our Security and Firebase Rules:

curl ''

The response will contain all of the rules for our app.

  1. 1


    Installation & Setup

  2. 2


    Understanding Data

  3. 3


    Saving Data

  4. 4


    Retrieving Data

  5. 5


    Structuring Data

  6. 6


    Understanding Security

  7. 7


    User Authentication

  8. 8


    App Management