Is There Any Way To Give Everyone Access To Firestore Database, But Only Via App?

December 09, 2022 Post a Comment

I am creating Android application with Firestore. My app does not require authentication. Is there any security rule to allows everyone read & write to firestore, but only via

Solution 1:

No, you can't limit access to your Cloud Firestore only to your application.

Since your application needs to know all the details that are needed to access the database, a malicious user can take those details and replicate them with code of their own.

To properly secure access to your database, you'll have to use Firebase's security rules. These are enforced on the server, so can't be by-passed by a malicious user. The logic here is that as long as the interactions with the database follow the rules you've set up, it doesn't really matter who wrote the code.

Also see:

Baca Juga

How To Update Security Rules For Firestore Database?
Firestore Writebatch Fails To Execute When Using Set(), Update(), Delete() On Document Reference
Firestore Clients And Invoices, Amended Requirement

How to enable access of firestore data to my nativescript app only?
Why is it okay to allow writes into Firebase from the client side?
Is it safe to use Firestore and its features via client only?

Index Android

Is There Any Way To Give Everyone Access To Firestore Database, But Only Via App?

Solution 1:

Post a Comment for "Is There Any Way To Give Everyone Access To Firestore Database, But Only Via App?"