The entry point of the Firebase Authentication SDK.
First, obtain an instance of this class by calling getInstance()
.
Then, sign up or sign in a user with one of the following methods:
createUserWithEmailAndPassword(String, String)
signInWithEmailAndPassword(String, String)
signInWithCredential(AuthCredential)
signInAnonymously()
signInWithCustomToken(String)
getCurrentUser()
to get a FirebaseUser
object, which contains information about the signed-in user.
Nested Class Summary
interface | FirebaseAuth.AuthStateListener | Listener called when there is a change in the authentication state. | |
interface | FirebaseAuth.IdTokenListener | Listener called when the id token is changed. |
Public Method Summary
void |
addAuthStateListener(FirebaseAuth.AuthStateListener
listener)
Registers a listener to changes in the user authentication state.
|
void |
addIdTokenListener(FirebaseAuth.IdTokenListener
listener)
Registers a listener to changes in the token authentication state.
|
Task<Void> |
applyActionCode(String code)
Applies the given
code , which can be any out of band code which is
valid according to
checkActionCode(String) that does not also pass
verifyPasswordResetCode(String) , which requires an additional
parameter.
|
Task<ActionCodeResult> | |
Task<Void> |
confirmPasswordReset(String code,
String
newPassword)
Changes the user's password to
newPassword for the account for
which the code is valid.
|
Task<AuthResult> |
createUserWithEmailAndPassword(String email,
String
password)
Tries to create a new user account with the given email address and password.
|
Task<SignInMethodQueryResult> |
fetchSignInMethodsForEmail(String email)
Returns a list of signin methods that can be used to sign in a given user
(identified by its main email address).
|
FirebaseApp |
getApp()
Returns the
FirebaseApp
instance to which this FirebaseAuth
belongs.
|
FirebaseUser |
getCurrentUser()
Returns the currently signed-in
FirebaseUser
or null if there is none.
|
FirebaseAuthSettings |
getFirebaseAuthSettings()
Returns the
FirebaseAuthSettings
instance for this FirebaseAuth
instance.
|
static FirebaseAuth |
getInstance()
Returns an instance of this class corresponding to the default
FirebaseApp
instance.
|
static FirebaseAuth |
getInstance(FirebaseApp
firebaseApp)
Returns an instance of this class corresponding to the given
FirebaseApp
instance.
|
String |
getLanguageCode()
Returns the language code set in
setLanguageCode(String) .
|
Task<AuthResult> |
getPendingAuthResult()
Returns a
Task
wrapping an AuthResult .
|
String |
getTenantId()
Returns the Tenant ID previously set on this instance or
null if
none was set.
|
boolean |
isSignInWithEmailLink(String link)
Determines if the given link is a link intended for use with
EmailAuthProvider.getCredentialWithLink(String, String) .
|
void |
removeAuthStateListener(FirebaseAuth.AuthStateListener
listener)
Unregisters a listener to authentication changes.
|
void |
removeIdTokenListener(FirebaseAuth.IdTokenListener
listener)
Unregisters a listener to authentication changes.
|
Task<Void> |
sendPasswordResetEmail(String email,
ActionCodeSettings
actionCodeSettings)
Triggers the Firebase Authentication backend to send a password-reset email to
the given email address, which must correspond to an existing user of your app.
|
Task<Void> |
sendPasswordResetEmail(String email)
Calls
sendPasswordResetEmail(String, ActionCodeSettings) without any
ActionCodeSettings.
|
Task<Void> |
sendSignInLinkToEmail(String email,
ActionCodeSettings
actionCodeSettings)
Sends an email to the specified email which will contain a link to be used to
sign in the user.
|
Task<Void> | |
void |
setLanguageCode(String
languageCode)
Sets the user-facing language code for auth operations that can be
internationalized, such as
FirebaseUser.sendEmailVerification() .
|
void |
setTenantId(String tenantId)
Sets the Tenant ID to be passed on all future sign-in/sign-up operations and
sign in or sign up users to the specified project as identified by the tenant.
|
Task<AuthResult> |
signInAnonymously()
Signs in the user anonymously without requiring any credential.
|
Task<AuthResult> |
signInWithCredential(AuthCredential
credential)
Tries to sign in a user with the given
AuthCredential .
|
Task<AuthResult> | |
Task<AuthResult> |
signInWithEmailAndPassword(String email,
String
password)
Tries to sign in a user with the given email address and password.
|
Task<AuthResult> |
signInWithEmailLink(String email,
String
link)
Tries to sign in a user with the given email address and link.
|
void |
signOut()
Signs out the current user and clears it from the disk cache.
|
Task<AuthResult> |
startActivityForSignInWithProvider(Activity
activity, FederatedAuthProvider
federatedAuthProvider)
Signs in the user using the mobile browser (either a Custom Chrome Tab or the
device's default browser) for the given
provider .
|
Task<Void> |
updateCurrentUser(FirebaseUser
user)
Sets the current user to a copy of the given user, but associated with this
FirebaseAuth 's
FirebaseApp .
|
void |
useAppLanguage()
Sets the user-facing language code to be the default app language.
|
void |
useEmulator(String host, int
port)
Modify this FirebaseAuth instance to communicate with the Firebase
Authentication emulator.
|
Task<String> |
verifyPasswordResetCode(String code)
Checks that the
code is a valid password reset out of band code.
|
Inherited Method Summary
Public Methods
public void addAuthStateListener (FirebaseAuth.AuthStateListener listener)
Registers a listener to changes in the user authentication state. There can be more
than one listener registered at the same time for one or more FirebaseAuth
instances.
The listeners call back in the UI thread, on the following events:
- Right after the listener has been registered
- When a user signs in
- When the current user signs out
- When the current user changes
It is a recommended practice to always listen to sign-out events, as you may want to prompt the user to sign in again and maybe restrict the information or actions they have access to.
Use
removeAuthStateListener(AuthStateListener)
to unregister a listener.
See
addIdTokenListener(IdTokenListener)
if you want to listen to token
refreshes.
See Also: FirebaseAuth.AuthStateListener
public void addIdTokenListener (FirebaseAuth.IdTokenListener listener)
Registers a listener to changes in the token authentication state. There can be more
than one listener registered at the same time for one or more FirebaseAuth
instances.
The listeners call back in the UI thread, on the following events:
- Right after the listener has been registered
- When a user signs in
- When the current user signs out
- When the current user changes
- When there is a change in the current user's token
It is a recommended practice to always listen to sign-out events, as you may want to prompt the user to sign in again and maybe restrict the information or actions they have access to.
Use
removeIdTokenListener(IdTokenListener)
to unregister a listener.
See
addAuthStateListener(AuthStateListener)
if you do not want to listen to
token refreshes.
See Also: FirebaseAuth.IdTokenListener
public Task<Void> applyActionCode (String code)
Applies the given code
, which can be any out of band code which is
valid according to
checkActionCode(String)
that does not also pass
verifyPasswordResetCode(String)
, which requires an additional parameter.
public Task<ActionCodeResult> checkActionCode (String code)
Checks that the code
given is valid. This code will have been generated
by
sendPasswordResetEmail(String)
or
FirebaseUser.sendEmailVerification()
valid for a single use.
Returns
Task
which you can use to see the result via theActionCodeResult
, which holds the user email for which that ActionCode is valid, as well as theActionCodeResult.Operation
which is being performed.
public Task<Void> confirmPasswordReset (String code, String newPassword)
Changes the user's password to newPassword
for the account for which
the code
is valid. Code validity can be checked with
verifyPasswordResetCode(String)
. This use case is only valid for signed-out
users, and behavior is undefined for signed-in users. Password changes for signed-in
users should be made using
FirebaseUser.updatePassword(String)
.
Exceptions
IllegalArgumentException
thrown if passed a nullcode
ornewPassword
FirebaseAuthActionCodeException
thrown if thecode
is malformed or has expired.FirebaseAuthInvalidUserException
thrown if the user corresponding to the given code has been disabled, or if there is no user corresponding to the given code.FirebaseAuthWeakPasswordException
thrown if the givennewPassword
is too weak.
See Also:
public Task<AuthResult> createUserWithEmailAndPassword (String email, String password)
Tries to create a new user account with the given email address and password. If successful, it also signs the user in into the app.
Access the signed-in user with getCurrentUser()
.
Upon successful completion, this operation triggers an
FirebaseAuth.IdTokenListener.onIdTokenChanged(FirebaseAuth)
event in all
registered FirebaseAuth.IdTokenListener
s
and an
FirebaseAuth.AuthStateListener.onAuthStateChanged(FirebaseAuth)
event in all
registered FirebaseAuth.AuthStateListener
s.
Important: you must enable Email & Password accounts in the Firebase console before you can use this method.
Exceptions
FirebaseAuthWeakPasswordException
thrown if the password is not strong enoughFirebaseAuthInvalidCredentialsException
thrown if theemail
address is malformedFirebaseAuthUserCollisionException
thrown if there already exists an account with the givenemail
address
See Also:
Returns
Task
ofAuthResult
with the result of the operation
public Task<SignInMethodQueryResult> fetchSignInMethodsForEmail (String email)
Returns a list of signin methods that can be used to sign in a given user
(identified by its main email address). This will match the AuthCredential.getSignInMethod()
for the credential you would generate for the appropriate signin mechanism.
This method is useful when you support multiple authentication mechanisms if you
want to implement an email-first authentication flow. It is also useful to resolve a
FirebaseAuthUserCollisionException
thrown on
signInWithCredential(AuthCredential)
.
Exceptions
FirebaseAuthInvalidCredentialsException
thrown if theemail
address is malformed
Parameters
the email address that identifies the user to fetch the providers from |
Returns
Task
ofSignInMethodQueryResult
with the result of the operation
public FirebaseApp getApp ()
Returns the FirebaseApp
instance to which this FirebaseAuth
belongs.
public FirebaseUser getCurrentUser ()
Returns the currently signed-in FirebaseUser
or null if there is none.
Use getCurrentUser() != null
to check if a user is signed in.
Returns
- the signed-in user or null
public FirebaseAuthSettings getFirebaseAuthSettings ()
Returns the FirebaseAuthSettings
instance for this FirebaseAuth
instance.
public static FirebaseAuth getInstance ()
Returns an instance of this class corresponding to the default FirebaseApp
instance.
Note: Firebase Authentication does not currently support Android Direct Boot.
For Applications that use Direct Boot, check if
android.content.Context.isDeviceProtectedStorage
is false
before you call FirebaseAuth.getInstance()
.
public static FirebaseAuth getInstance (FirebaseApp firebaseApp)
Returns an instance of this class corresponding to the given FirebaseApp
instance.
Note: Firebase Authentication does not currently support Android Direct Boot.
For Applications that use Direct Boot, check if
android.content.Context.isDeviceProtectedStorage
is false
before you call FirebaseAuth.getInstance(firebaseApp)
.
public String getLanguageCode ()
Returns the language code set in
setLanguageCode(String)
.
public Task<AuthResult> getPendingAuthResult ()
Returns a Task
wrapping an
AuthResult
.
This will return a non-null value if your app launches a web sign-in flow and the OS
cleans up your hosting Activity
while
in the background (likely due to a low-memory event). The returned result is the value
that
startActivityForSignInWithProvider(Activity, FederatedAuthProvider)
would
have returned, which includes any Exceptions thrown. Otherwise, returns null.
This method will only return a non-null result for a sign-in once. A non-null value will only be present for suitably recent sign-ins to help prevent false positive sign-ins.
public String getTenantId ()
Returns the Tenant ID previously set on this instance or null
if none
was set.
public boolean isSignInWithEmailLink (String link)
Determines if the given link is a link intended for use with
EmailAuthProvider.getCredentialWithLink(String, String)
. These links are
generated by
sendSignInLinkToEmail(String, ActionCodeSettings)
.
public void removeAuthStateListener (FirebaseAuth.AuthStateListener listener)
Unregisters a listener to authentication changes.
See Also: FirebaseAuth.AuthStateListener
public void removeIdTokenListener (FirebaseAuth.IdTokenListener listener)
Unregisters a listener to authentication changes.
See Also: FirebaseAuth.IdTokenListener
public Task<Void> sendPasswordResetEmail (String email, ActionCodeSettings actionCodeSettings)
Triggers the Firebase Authentication backend to send a password-reset email to the
given email address, which must correspond to an existing user of your app. Takes in an
ActionCodeSettings
which allows linking back to your app from the sent email.
Exceptions
FirebaseAuthInvalidUserException
thrown if there is no user corresponding to the givenemail
address
Parameters
the email of the account to which you wish to issue an account reset email | |
actionCodeSettings | the settings used to allow your app to handle the link sent in the email on iOS, web, and Android. |
Returns
Task
to track completion of the sending operation
public Task<Void> sendPasswordResetEmail (String email)
Calls
sendPasswordResetEmail(String, ActionCodeSettings)
without any
ActionCodeSettings.
public Task<Void> sendSignInLinkToEmail (String email, ActionCodeSettings actionCodeSettings)
Sends an email to the specified email which will contain a link to be used to sign in the user.
Throws
IllegalArgumentException |
when given an ActionCodeSettings
that does not have canHandleCodeInApp set to true.
See also |
---|
public Task<Void> setFirebaseUIVersion (String firebaseUIVersion)
For internal use in FirebaseUI only.
public void setLanguageCode (String languageCode)
Sets the user-facing language code for auth operations that can be
internationalized, such as
FirebaseUser.sendEmailVerification()
. This language code should follow the
conventions defined by the IETF in BCP47.
public void setTenantId (String tenantId)
Sets the Tenant ID to be passed on all future sign-in/sign-up operations and sign in or sign up users to the specified project as identified by the tenant. If you change this field, future sign-in/sign-ups will contain the new value.
This is set to null as default and users are signed into the agent project.
Note: this is different from what the current user's Tenant ID is; you can change this instance's Tenant ID without affecting the current user.
public Task<AuthResult> signInAnonymously ()
Signs in the user anonymously without requiring any credential.
This method creates a new account in your Firebase Authentication system, except in
the case where there was already an anonymous user signed in into this app. Access the
signed-in user with getCurrentUser()
.
Upon successful completion, this operation triggers an
FirebaseAuth.IdTokenListener.onIdTokenChanged(FirebaseAuth)
event in all
registered FirebaseAuth.IdTokenListener
s
and an
FirebaseAuth.AuthStateListener.onAuthStateChanged(FirebaseAuth)
event in all
registered FirebaseAuth.AuthStateListener
s.
Anonymous users do not require any credential, and are useful in situations where you want to persist information about your users before asking them to sign in. For example, they may be useful when implementing a signed-out shopping cart in an e-commerce application.
Due to the unauthenticated nature of this kind of user, they are not transferrable
across devices. In order to allow your app's users to keep their information, ask them
to provide some other authentication credentials, and link them to the current user
with
FirebaseUser.linkWithCredential(AuthCredential)
.
Important: you must enable Anonymous accounts in the Firebase console before being able to use them.
Returns
Task
ofAuthResult
with the result of the operation
public Task<AuthResult> signInWithCredential (AuthCredential credential)
Tries to sign in a user with the given AuthCredential
.
Use this method to sign in a user into your Firebase Authentication system. First
retrieve the credential
either directly from the user, in case of
EmailAuthCredential
,
or from a supported authentication SDK, such as Google Sign-In or Facebook. Later
access the signed-in user with getCurrentUser()
.
For all AuthCredential
types except EmailAuthCredential
,
this method will create an account for the user in the case that it didn't exist
before.
Important: you must configure the authentication providers in the Firebase console before you can use them.
Exceptions
FirebaseAuthInvalidUserException
thrown if the user account you are trying to sign in to has been disabled. Also thrown ifcredential
is anEmailAuthCredential
with an email address that does not correspond to an existing user.FirebaseAuthInvalidCredentialsException
thrown if thecredential
is malformed or has expired. Ifcredential instanceof EmailAuthCredential
it will be thrown if the password is incorrect.FirebaseAuthUserCollisionException
thrown if there already exists an account with the email address asserted by thecredential
. Resolve this case by callingfetchSignInMethodsForEmail(String)
and then asking the user to sign in using one of them.
See Also:
Returns
Task
ofAuthResult
with the result of the operation
public Task<AuthResult> signInWithCustomToken (String token)
Tries to sign in a user with a given Custom Token.
Use this method after you retrieve a Firebase Auth Custom Token from your server, to
sign in a user into your Firebase Authentication system. Access the signed-in user with
getCurrentUser()
.
Upon successful completion, this operation triggers an
FirebaseAuth.IdTokenListener.onIdTokenChanged(FirebaseAuth)
event in all
registered FirebaseAuth.IdTokenListener
s
and an
FirebaseAuth.AuthStateListener.onAuthStateChanged(FirebaseAuth)
event in all
registered FirebaseAuth.AuthStateListener
s.
This operation might create an account if the uid
specified in the
token corresponds to a user without a record in the system.
Read how to use Custom Token authentication and the cases where it is useful in the guides.
Exceptions
FirebaseAuthInvalidCredentialsException
thrown if thetoken
format is incorrect or if it corresponds to a different Firebase App
Returns
Task
ofAuthResult
with the result of the operation
public Task<AuthResult> signInWithEmailAndPassword (String email, String password)
Tries to sign in a user with the given email address and password.
Access the signed-in user with getCurrentUser()
.
Upon successful completion, this operation triggers an
FirebaseAuth.IdTokenListener.onIdTokenChanged(FirebaseAuth)
event in all
registered FirebaseAuth.IdTokenListener
s
and an
FirebaseAuth.AuthStateListener.onAuthStateChanged(FirebaseAuth)
event in all
registered FirebaseAuth.AuthStateListener
s.
This is equivalent to calling
signInWithCredential(AuthCredential)
with an EmailAuthCredential
generated by
EmailAuthProvider.getCredential(String, String)
.
Important: you must enable Email & Password accounts in the Firebase console before being able to use this method.
Exceptions
FirebaseAuthInvalidUserException
thrown if the user account corresponding toemail
does not exist or has been disabledFirebaseAuthInvalidCredentialsException
thrown if thepassword
is wrong
See also:
Returns
Task
ofAuthResult
with the result of the operation
public Task<AuthResult> signInWithEmailLink (String email, String link)
Tries to sign in a user with the given email address and link. This link should be
generated by
sendSignInLinkToEmail(String, ActionCodeSettings)
.
Access the signed-in user with getCurrentUser()
.
Upon successful completion, this operation triggers an
FirebaseAuth.IdTokenListener.onIdTokenChanged(FirebaseAuth)
event in all
registered FirebaseAuth.IdTokenListener
s
and an
FirebaseAuth.AuthStateListener.onAuthStateChanged(FirebaseAuth)
event in all
registered FirebaseAuth.AuthStateListener
s.
This is equivalent to calling
signInWithCredential(AuthCredential)
with an EmailAuthCredential
generated by
EmailAuthProvider.getCredentialWithLink(String, String)
.
Important: you must enable Passwordless sign-in in the Firebase console before being able to use this method.
Exceptions
FirebaseAuthInvalidUserException
thrown if the user account corresponding toemail
does not exist or has been disabledFirebaseAuthInvalidCredentialsException
thrown if thepassword
is wrong
See also:
Returns
Task
ofAuthResult
with the result of the operation
public void signOut ()
Signs out the current user and clears it from the disk cache.
Upon successful completion, this operation triggers an
FirebaseAuth.IdTokenListener.onIdTokenChanged(FirebaseAuth)
event in all
registered FirebaseAuth.IdTokenListener
s
and an
FirebaseAuth.AuthStateListener.onAuthStateChanged(FirebaseAuth)
event in all
registered FirebaseAuth.AuthStateListener
s.
public Task<AuthResult> startActivityForSignInWithProvider (Activity activity, FederatedAuthProvider federatedAuthProvider)
Signs in the user using the mobile browser (either a Custom Chrome Tab or the
device's default browser) for the given provider
.
Note: this call has a UI associated with it, unlike the majority of calls in FirebaseAuth.
Exceptions
FirebaseAuthInvalidCredentialsException
thrown if the credential generated from the flow is malformed or expired.FirebaseAuthInvalidUserException
thrown if the user has been disabled by an administrator.FirebaseAuthUserCollisionException
thrown if the email that keys the user that is signing in is already in use.FirebaseAuthWebException
thrown if there is an operation already in progress, the pending operation was canceled, there is a problem with 3rd party cookies in the browser, or some other error in the web context has occurred.FirebaseAuthException
thrown if signing in via this method has been disabled in the Firebase Console, or if theprovider
passed is configured improperly.
Parameters
activity | the current Activity
from which you intend to launch this flow. |
---|---|
federatedAuthProvider | an FederatedAuthProvider
configured with information about how you intend the user to sign in. |
Returns
- a
Task
with a reference to anAuthResult
with user information upon success
public Task<Void> updateCurrentUser (FirebaseUser user)
Sets the current user to a copy of the given user, but associated with this
FirebaseAuth
's
FirebaseApp
. If
the given user isn't for this project, then a FirebaseAuthInvalidUserException
will be returned via the Task.
public void useAppLanguage ()
Sets the user-facing language code to be the default app language.
public void useEmulator (String host, int port)
Modify this FirebaseAuth instance to communicate with the Firebase Authentication emulator.
Note: this must be called before this instance has been used to do any operations.
Parameters
host | the emulator host (e.g. 10.0.2.2) |
---|---|
port | the emulator port (e.g. 8080) |
public Task<String> verifyPasswordResetCode (String code)
Checks that the code
is a valid password reset out of band code. This
code will have been generated by a call to
sendPasswordResetEmail(String)
, and is valid for a single use.
Returns
Task
which holds the email for which this code is applicable.