Create custom tokens for firebase authentication?

Hi, I am using Firebase as my auth server with my phoenix application. I am using Admin SDK to verify id_tokens generated by my firebase client sdk. My requirement is to be able to impersonate users and to achieve this i want to generate custom tokens from admin sdk like mentioned here

Has anyone done this or can help me with this?

2 Likes

Hi, I know this is an old thread, but I just wanted to share how I did this for anyone stumbling on this (like I did).
I followed the docs from: Create Custom Tokens  |  Firebase Documentation.

You can use Joken to create the token, you only need the private key and the email address of your service account.

email = "your@service.account"
private_key = "..."

# Create the signer, this needs to be "RS256"
signer = Joken.Signer.create("RS256", %{"pem" => private_key})

# Configure the claims
token_config =
      Joken.Config.default_claims(
        default_exp: 60 * 60,
        skip: [:jti, :nbf],
        iss: email,
        aud: "https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit"
      )
      |> Joken.Config.add_claim("sub", fn -> email end, &(&1 == email))


# Create the token
token =
      Joken.generate_and_sign!(
        token_config,
        %{"uid" => uid}, # This can be empty but you probably want to pas the Firebase UID of the user
        signer
      )
1 Like