I'm currently looking at building a custom authentication login flow, utilising additional claims / custom claims with Cloud Firestore and Cloud Functions.

The general process I would like to happen is as follows:

  1. Sign in to my own auth system and get relevant auth information, along with creating a custom auth token with additional claims
  2. Sign in via an iOS app using the custom token and signInWithCustomToken
  3. Have a cloud function triggered to populate Firestore with relevant collections/documents

The system works at the moment by having to call setCustomUserClaims in between points 2 and 3:

  1. Sign in to my own auth system and get relevant auth information, along with creating a custom auth token with additional claims
  2. Sign in via an iOS app using the custom token and signInWithCustomToken
  3. Call a callable function to setCustomUserClaims to set the additional claims onto the user's customClaims.
  4. Have a cloud function triggered to populate Firestore with relevant collections/documents

It would be nice, however, to not have to call this and use the initial additional claims from the initial JWT.

I understand that if we were to call an HTTPS function, or a callable function from the app, we can then get the auth details with the claims inside (as provided from the IDToken). However, it would be best if we didn't need to call setCustomUserClaims and allow the service to get the claims using getUser and accessing the customClaims.

  • Is there a way to get this same auth information from a triggered function?
  • Will there be any plans/any way to get the auth on the server using getUser?
  • Is there a way to get the IDToken from the server from a triggered function rather than an HTTPS or Callable function?
  • Are there any plans to allow triggers for onCreate for an Authentication User when using custom tokens?
mgoya
Domness

0 Answers
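Step 3 of the current flow described in the question, as an added example (not code from the original post): the body of a callable function that copies developer claims from the verified ID token in `context.auth.token`, never from the client-supplied `data` argument, and only those on an allowlist. The names `pickDeveloperClaims`, `persistTokenClaims`, `ALLOWED_CLAIMS` and the claim names `role`/`tenantId` are assumptions; `auth` stands in for `admin.auth()` so the block runs offline with a stub.

```javascript
// Added example; names below are hypothetical, not from the original post.
// Assumed claim names that the custom token is minted with.
const ALLOWED_CLAIMS = new Set(["role", "tenantId"]);
const MAX_CLAIMS_BYTES = 1000; // documented size limit for setCustomUserClaims

// Keep only allowlisted developer claims; standard JWT fields (iss, aud, exp, ...)
// and anything unexpected in the decoded ID token are dropped.
function pickDeveloperClaims(decodedToken) {
  const picked = {};
  for (const [name, value] of Object.entries(decodedToken || {})) {
    if (ALLOWED_CLAIMS.has(name)) picked[name] = value;
  }
  return picked;
}

// Body of the callable function. `auth` is admin.auth() in production;
// `context` is the second argument of functions.https.onCall handlers.
// The client-supplied `data` argument is deliberately never read.
async function persistTokenClaims(auth, context) {
  if (!context || !context.auth) throw new Error("unauthenticated");
  const claims = pickDeveloperClaims(context.auth.token);
  if (Buffer.byteLength(JSON.stringify(claims), "utf8") > MAX_CLAIMS_BYTES) {
    throw new Error("claims exceed size limit");
  }
  await auth.setCustomUserClaims(context.auth.uid, claims);
  return claims;
}

// Wiring in a deployed project (not executed here):
//   exports.persistClaims = functions.https.onCall(
//     (data, context) => persistTokenClaims(admin.auth(), context));

// Constructed demo: a stub in place of admin.auth() and a fake decoded token.
const demoAuth = { setCustomUserClaims: async (uid, c) => console.log("set", uid, c) };
const demoContext = {
  auth: { uid: "user-1", token: { iss: "constructed", exp: 1, role: "editor", tenantId: "t-42", admin: true } },
};
persistTokenClaims(demoAuth, demoContext);
```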