Policies

Firebase JWT Auth Policy

Authenticate requests with JWT tokens issued by Firebase. The payload of the JWT token, if successfully authenticated, with be on the request.user.data object accessible to the runtime.

See this document for more information about OAuth authorization in Zuplo.

Configuration

The configuration shows how to configure the policy in the 'policies.json' document.

{
  "name": "my-firebase-jwt-inbound-policy",
  "policyType": "firebase-jwt-inbound",
  "handler": {
    "export": "FirebaseJwtInboundPolicy",
    "module": "$import(@zuplo/runtime)",
    "options": {
      "allowUnauthenticatedRequests": false,
      "projectId": "my-project-id"
    }
  }
}

Policy Options

The options for this policy are specified below. All properties are optional unless specifically marked as required.

  • allowUnauthenticatedRequests <boolean> -
    Allow unauthenticated requests to proceed. This is use useful if you want to use multiple authentication policies or if you want to allow both authenticated and non-authenticated traffic.
    Defaults to false.
  • projectId <string> (Required) -
    Your Firebase Project ID.

Using the Policy

Read more about how policies work

Previous
AWS Cognito JWT Auth
Next
Okta JWT Auth