1
Is Firebase Auth a good option for backend API with API keys/long lived tokens?
Post Flair (click to view more posts with a particular flair)
Post Body
I've been tasked with finding a new auth provider at work and am looking at Firebase Auth. Our use-case is pretty standard (login via website, OIDC from Azure AD), which Firebase seems to do just fine. My question is about backend security.
We also serve an API that currently accepts either short-lived or long-lived tokens. Short-lived is generated via a POST route and has a lifetime of 1 hour, whereas long-lived lasts forever and is generated manually on a per-need basis. The best I can find in Firebase is creating custom tokens, which fulfill the short-lived portion but not long-lived. Is there something that can offer this functionality?
Author
Account Strength
90%
Account Age
8 years
Verified Email
Yes
Verified Flair
No
Total Karma
1,041
Link Karma
556
Comment Karma
485
Profile updated: 5 days ago
Posts updated: 4 months ago
Subreddit
Post Details
We try to extract some basic information from the post title. This is not
always successful or accurate, please use your best judgement and compare
these values to the post title and body for confirmation.
- Posted
- 1 year ago
- Reddit URL
- View post on reddit.com
- External URL
- reddit.com/r/Firebase/co...