This post demonstrates how to enable a user-authenticated API that is proxied through Zuplo to securely read and write data to a Firebase Firestore Database. It will show how to use the Upstream Firebase User Auth policy to authorize users to make requests to Firebase and how to use Firebase security rules to ensure users access only authorized data. It will also demonstrate how to use Zuplo API Key authenticate to authenticate requests to the Zuplo API.
1/ Firestore Collection
For this demo, we’ll create a bookmark saving API that lets users save a collection of URLs with a note for each URL. We’ll also save the date each bookmark was created.