Index
Interfaces
Properties
Methods
- delete
- get
IdToken - get
IdToken Result - link
And Retrieve Data With Credential - link
With Credential - link
With Phone Number - link
With Redirect - reauthenticate
And Retrieve Data With Credential - reauthenticate
With Credential - reauthenticate
With Phone Number - reload
- send
Email Verification - toJSON
- unlink
- update
Email - update
Password - update
Phone Number - update
Profile - verify
Before Update Email
Properties
displayName
emailVerified
isAnonymous
metadata
multiFactor
The firebase.User.MultiFactorUser object corresponding to the current user. This is used to access all multi-factor properties and operations related to the current user.
phoneNumber
The phone number normalized based on the E.164 standard (e.g. +16505550101) for the current user. This is null if the user has no phone credential linked to the account.
photoURL
providerData
providerId
refreshToken
tenantId
The current user's tenant ID. This is a read-only property, which indicates the tenant ID used to sign in the current user. This is null if the user is signed in from the parent project.
uid
The user's unique ID.
Methods
delete
-
Deletes and signs out the user.
Important: this is a security-sensitive operation that requires the user to have recently signed in. If this requirement isn't met, ask the user to authenticate again and then call firebase.User.reauthenticateWithCredential.
Error Codes
- auth/requires-recent-login
- Thrown if the user's last sign-in time does not meet the security threshold. Use firebase.User.reauthenticateWithCredential to resolve. This does not apply if the user is anonymous.
Returns Promise<void>
getIdToken
-
Returns a JSON Web Token (JWT) used to identify the user to a Firebase service.
Returns the current token if it has not expired. Otherwise, this will refresh the token and return a new one.
Parameters
-
Optional forceRefresh: boolean
Force refresh regardless of token expiration.
Returns Promise<string>
-
getIdTokenResult
-
Parameters
-
Optional forceRefresh: boolean
Returns Promise<IdTokenResult>
-
linkAndRetrieveDataWithCredential
-
Links the user account with the given credentials and returns any available additional user information, such as user name.
Error Codes
- auth/provider-already-linked
- Thrown if the provider has already been linked to the user. This error is thrown even if this is not the same provider's account that is currently linked to the user.
- auth/invalid-credential
- Thrown if the provider's credential is not valid. This can happen if it has already expired when calling link, or if it used invalid token(s). See the Firebase documentation for your provider, and make sure you pass in the correct parameters to the credential method.
- auth/credential-already-in-use
- Thrown if the account corresponding to the credential already exists
among your users, or is already linked to a Firebase User.
For example, this error could be thrown if you are upgrading an anonymous
user to a Google user by linking a Google credential to it and the Google
credential used is already associated with an existing Firebase Google
user.
The fields
error.email
,error.phoneNumber
, anderror.credential
(firebase.auth.AuthCredential) may be provided, depending on the type of credential. You can recover from this error by signing in witherror.credential
directly via firebase.auth.Auth.signInWithCredential. - auth/email-already-in-use
- Thrown if the email corresponding to the credential already exists
among your users. When thrown while linking a credential to an existing
user, an
error.email
anderror.credential
(firebase.auth.AuthCredential) fields are also provided. You have to link the credential to the existing user with that email if you wish to continue signing in with that credential. To do so, call firebase.auth.Auth.fetchSignInMethodsForEmail, sign in toerror.email
via one of the providers returned and then firebase.User.linkWithCredential the original credential to that newly signed in user. - auth/operation-not-allowed
- Thrown if you have not enabled the provider in the Firebase Console. Go to the Firebase Console for your project, in the Auth section and the Sign in Method tab and configure the provider.
- auth/invalid-email
- Thrown if the email used in a firebase.auth.EmailAuthProvider.credential is invalid.
- auth/wrong-password
- Thrown if the password used in a firebase.auth.EmailAuthProvider.credential is not correct or when the user associated with the email does not have a password.
- auth/invalid-verification-code
- Thrown if the credential is a firebase.auth.PhoneAuthProvider.credential and the verification code of the credential is not valid.
- auth/invalid-verification-id
- Thrown if the credential is a firebase.auth.PhoneAuthProvider.credential and the verification ID of the credential is not valid.
Parameters
-
credential: AuthCredential
The auth credential.
Returns Promise<UserCredential>
linkWithCredential
-
Links the user account with the given credentials.
Error Codes
- auth/provider-already-linked
- Thrown if the provider has already been linked to the user. This error is thrown even if this is not the same provider's account that is currently linked to the user.
- auth/invalid-credential
- Thrown if the provider's credential is not valid. This can happen if it has already expired when calling link, or if it used invalid token(s). See the Firebase documentation for your provider, and make sure you pass in the correct parameters to the credential method.
- auth/credential-already-in-use
- Thrown if the account corresponding to the credential already exists
among your users, or is already linked to a Firebase User.
For example, this error could be thrown if you are upgrading an anonymous
user to a Google user by linking a Google credential to it and the Google
credential used is already associated with an existing Firebase Google
user.
The fields
error.email
,error.phoneNumber
, anderror.credential
(firebase.auth.AuthCredential) may be provided, depending on the type of credential. You can recover from this error by signing in witherror.credential
directly via firebase.auth.Auth.signInWithCredential. - auth/email-already-in-use
- Thrown if the email corresponding to the credential already exists
among your users. When thrown while linking a credential to an existing
user, an
error.email
anderror.credential
(firebase.auth.AuthCredential) fields are also provided. You have to link the credential to the existing user with that email if you wish to continue signing in with that credential. To do so, call firebase.auth.Auth.fetchSignInMethodsForEmail, sign in toerror.email
via one of the providers returned and then firebase.User.linkWithCredential the original credential to that newly signed in user. - auth/operation-not-allowed
- Thrown if you have not enabled the provider in the Firebase Console. Go to the Firebase Console for your project, in the Auth section and the Sign in Method tab and configure the provider.
- auth/invalid-email
- Thrown if the email used in a firebase.auth.EmailAuthProvider.credential is invalid.
- auth/wrong-password
- Thrown if the password used in a firebase.auth.EmailAuthProvider.credential is not correct or when the user associated with the email does not have a password.
- auth/invalid-verification-code
- Thrown if the credential is a firebase.auth.PhoneAuthProvider.credential and the verification code of the credential is not valid.
- auth/invalid-verification-id
- Thrown if the credential is a firebase.auth.PhoneAuthProvider.credential and the verification ID of the credential is not valid.
Parameters
-
credential: AuthCredential
The auth credential.
Returns Promise<UserCredential>
linkWithPhoneNumber
-
Links the user account with the given phone number.
Error Codes
- auth/provider-already-linked
- Thrown if the provider has already been linked to the user. This error is thrown even if this is not the same provider's account that is currently linked to the user.
- auth/captcha-check-failed
- Thrown if the reCAPTCHA response token was invalid, expired, or if this method was called from a non-whitelisted domain.
- auth/invalid-phone-number
- Thrown if the phone number has an invalid format.
- auth/missing-phone-number
- Thrown if the phone number is missing.
- auth/quota-exceeded
- Thrown if the SMS quota for the Firebase project has been exceeded.
- auth/user-disabled
- Thrown if the user corresponding to the given phone number has been disabled.
- auth/credential-already-in-use
- Thrown if the account corresponding to the phone number already exists
among your users, or is already linked to a Firebase User.
The fields
error.phoneNumber
anderror.credential
(firebase.auth.AuthCredential) are provided in this case. You can recover from this error by signing in with that credential directly via firebase.auth.Auth.signInWithCredential. - auth/operation-not-allowed
- Thrown if you have not enabled the phone authentication provider in the Firebase Console. Go to the Firebase Console for your project, in the Auth section and the Sign in Method tab and configure the provider.
Parameters
-
phoneNumber: string
The user's phone number in E.164 format (e.g. +16505550101).
-
applicationVerifier: ApplicationVerifier
Returns Promise<ConfirmationResult>
linkWithRedirect
-
Links the authenticated provider to the user account using a full-page redirect flow.
Error Codes
- auth/auth-domain-config-required
- Thrown if authDomain configuration is not provided when calling firebase.initializeApp(). Check Firebase Console for instructions on determining and passing that field.
- auth/operation-not-supported-in-this-environment
- Thrown if this operation is not supported in the environment your application is running on. "location.protocol" must be http or https.
- auth/provider-already-linked
- Thrown if the provider has already been linked to the user. This error is thrown even if this is not the same provider's account that is currently linked to the user.
- auth/unauthorized-domain
- Thrown if the app domain is not authorized for OAuth operations for your Firebase project. Edit the list of authorized domains from the Firebase console.
Parameters
-
provider: AuthProvider
The provider to authenticate. The provider has to be an OAuth provider. Non-OAuth providers like firebase.auth.EmailAuthProvider will throw an error.
Returns Promise<void>
reauthenticateAndRetrieveDataWithCredential
-
Re-authenticates a user using a fresh credential, and returns any available additional user information, such as user name. Use before operations such as firebase.User.updatePassword that require tokens from recent sign-in attempts.
Error Codes
- auth/user-mismatch
- Thrown if the credential given does not correspond to the user.
- auth/user-not-found
- Thrown if the credential given does not correspond to any existing user.
- auth/invalid-credential
- Thrown if the provider's credential is not valid. This can happen if it has already expired when calling link, or if it used invalid token(s). See the Firebase documentation for your provider, and make sure you pass in the correct parameters to the credential method.
- auth/invalid-email
- Thrown if the email used in a firebase.auth.EmailAuthProvider.credential is invalid.
- auth/wrong-password
- Thrown if the password used in a firebase.auth.EmailAuthProvider.credential is not correct or when the user associated with the email does not have a password.
- auth/invalid-verification-code
- Thrown if the credential is a firebase.auth.PhoneAuthProvider.credential and the verification code of the credential is not valid.
- auth/invalid-verification-id
- Thrown if the credential is a firebase.auth.PhoneAuthProvider.credential and the verification ID of the credential is not valid.
Parameters
-
credential: AuthCredential
Returns Promise<UserCredential>
reauthenticateWithCredential
-
Re-authenticates a user using a fresh credential. Use before operations such as firebase.User.updatePassword that require tokens from recent sign-in attempts.
Error Codes
- auth/user-mismatch
- Thrown if the credential given does not correspond to the user.
- auth/user-not-found
- Thrown if the credential given does not correspond to any existing user.
- auth/invalid-credential
- Thrown if the provider's credential is not valid. This can happen if it has already expired when calling link, or if it used invalid token(s). See the Firebase documentation for your provider, and make sure you pass in the correct parameters to the credential method.
- auth/invalid-email
- Thrown if the email used in a firebase.auth.EmailAuthProvider.credential is invalid.
- auth/wrong-password
- Thrown if the password used in a firebase.auth.EmailAuthProvider.credential is not correct or when the user associated with the email does not have a password.
- auth/invalid-verification-code
- Thrown if the credential is a firebase.auth.PhoneAuthProvider.credential and the verification code of the credential is not valid.
- auth/invalid-verification-id
- Thrown if the credential is a firebase.auth.PhoneAuthProvider.credential and the verification ID of the credential is not valid.
Parameters
-
credential: AuthCredential
Returns Promise<UserCredential>
reauthenticateWithPhoneNumber
-
Re-authenticates a user using a fresh credential. Use before operations such as firebase.User.updatePassword that require tokens from recent sign-in attempts.
Error Codes
- auth/user-mismatch
- Thrown if the credential given does not correspond to the user.
- auth/user-not-found
- Thrown if the credential given does not correspond to any existing user.
- auth/captcha-check-failed
- Thrown if the reCAPTCHA response token was invalid, expired, or if this method was called from a non-whitelisted domain.
- auth/invalid-phone-number
- Thrown if the phone number has an invalid format.
- auth/missing-phone-number
- Thrown if the phone number is missing.
- auth/quota-exceeded
- Thrown if the SMS quota for the Firebase project has been exceeded.
Parameters
-
phoneNumber: string
The user's phone number in E.164 format (e.g. +16505550101).
-
applicationVerifier: ApplicationVerifier
Returns Promise<ConfirmationResult>
reload
-
Refreshes the current user, if signed in.
Returns Promise<void>
sendEmailVerification
-
Sends a verification email to a user.
The verification process is completed by calling firebase.auth.Auth.applyActionCode
Error Codes
- auth/missing-android-pkg-name
- An Android package name must be provided if the Android app is required to be installed.
- auth/missing-continue-uri
- A continue URL must be provided in the request.
- auth/missing-ios-bundle-id
- An iOS bundle ID must be provided if an App Store ID is provided.
- auth/invalid-continue-uri
- The continue URL provided in the request is invalid.
- auth/unauthorized-continue-uri
- The domain of the continue URL is not whitelisted. Whitelist the domain in the Firebase console.
Parameters
-
Optional actionCodeSettings: ActionCodeSettings | null
The action code settings. If specified, the state/continue URL will be set as the "continueUrl" parameter in the email verification link. The default email verification landing page will use this to display a link to go back to the app if it is installed. If the actionCodeSettings is not specified, no URL is appended to the action URL. The state URL provided must belong to a domain that is whitelisted by the developer in the console. Otherwise an error will be thrown. Mobile app redirects will only be applicable if the developer configures and accepts the Firebase Dynamic Links terms of condition. The Android package name and iOS bundle ID will be respected only if they are configured in the same Firebase Auth project used.
Returns Promise<void>
toJSON
-
Returns a JSON-serializable representation of this object.
Returns Object
A JSON-serializable representation of this object.
unlink
-
Unlinks a provider from a user account.
Error Codes
- auth/no-such-provider
- Thrown if the user does not have this provider linked or when the provider ID given does not exist.
Parameters
-
providerId: string
Returns Promise<User>
updateEmail
-
Updates the user's email address.
An email will be sent to the original email address (if it was set) that allows to revoke the email address change, in order to protect them from account hijacking.
Important: this is a security sensitive operation that requires the user to have recently signed in. If this requirement isn't met, ask the user to authenticate again and then call firebase.User.reauthenticateWithCredential.
Error Codes
- auth/invalid-email
- Thrown if the email used is invalid.
- auth/email-already-in-use
- Thrown if the email is already used by another user.
- auth/requires-recent-login
- Thrown if the user's last sign-in time does not meet the security threshold. Use firebase.User.reauthenticateWithCredential to resolve. This does not apply if the user is anonymous.
Parameters
-
newEmail: string
The new email address.
Returns Promise<void>
updatePassword
-
Updates the user's password.
Important: this is a security sensitive operation that requires the user to have recently signed in. If this requirement isn't met, ask the user to authenticate again and then call firebase.User.reauthenticateWithCredential.
Error Codes
- auth/weak-password
- Thrown if the password is not strong enough.
- auth/requires-recent-login
- Thrown if the user's last sign-in time does not meet the security threshold. Use firebase.User.reauthenticateWithCredential to resolve. This does not apply if the user is anonymous.
Parameters
-
newPassword: string
Returns Promise<void>
updatePhoneNumber
-
Updates the user's phone number.
Error Codes
- auth/invalid-verification-code
- Thrown if the verification code of the credential is not valid.
- auth/invalid-verification-id
- Thrown if the verification ID of the credential is not valid.
Parameters
-
phoneCredential: AuthCredential
Returns Promise<void>
updateProfile
-
Updates a user's profile data.
Parameters
-
profile: { displayName?: string | null; photoURL?: string | null }
The profile's displayName and photoURL to update.
-
Optional display
Name?: string | null -
Optional photoURL?: string | null
-
Returns Promise<void>
-
verifyBeforeUpdateEmail
-
Sends a verification email to a new email address. The user's email will be updated to the new one after being verified.
If you have a custom email action handler, you can complete the verification process by calling firebase.auth.Auth.applyActionCode.
Error Codes
- auth/missing-android-pkg-name
- An Android package name must be provided if the Android app is required to be installed.
- auth/missing-continue-uri
- A continue URL must be provided in the request.
- auth/missing-ios-bundle-id
- An iOS bundle ID must be provided if an App Store ID is provided.
- auth/invalid-continue-uri
- The continue URL provided in the request is invalid.
- auth/unauthorized-continue-uri
- The domain of the continue URL is not whitelisted. Whitelist the domain in the Firebase console.
Parameters
-
newEmail: string
The email address to be verified and updated to.
-
Optional actionCodeSettings: ActionCodeSettings | null
The action code settings. If specified, the state/continue URL will be set as the "continueUrl" parameter in the email verification link. The default email verification landing page will use this to display a link to go back to the app if it is installed. If the actionCodeSettings is not specified, no URL is appended to the action URL. The state URL provided must belong to a domain that is whitelisted by the developer in the console. Otherwise an error will be thrown. Mobile app redirects will only be applicable if the developer configures and accepts the Firebase Dynamic Links terms of condition. The Android package name and iOS bundle ID will be respected only if they are configured in the same Firebase Auth project used.
Returns Promise<void>
A user account.