Authentication when installing
Authentication specifications for HTTPS functions.
Last updated
Authentication specifications for HTTPS functions.
Last updated
Function Store allows you to install an HTTPS function with required authentications or allow unauthenticated invocations. You will see these options in the installation modal of an HTTPS function. This will allow you to have more control over this type of function before deployment without having to do it directly with GCP.
Note that Allow unauthenticated invocation appears selected by default.
HTTPS trigger functions are unauthenticated by default due to our functions are Firebase functions. This lets you reach the function without authentication. If you want to authenticate invocations to these functions, you can use Firebase Authentication.
HTTPS functions can be invoked by different kinds of identities, originating in different places. The invoker might be a developer who is testing the function or another function or service that wishes to use the function. By default, these identities must authenticate themselves (provide proof of their identity) as well as have the appropriate permissions.