FirebaseAuth

public abstract class FirebaseAuth extends Object

The entry point of the Firebase Authentication SDK.

First, obtain an instance of this class by calling getInstance().

Then, sign up or sign in a user with one of the following methods:

Finally, call getCurrentUser() to get a FirebaseUser object, which contains information about the signed-in user.

Nested Class Summary

interface	FirebaseAuth.AuthStateListener		Listener called when there is a change in the authentication state.
interface	FirebaseAuth.IdTokenListener		Listener called when the id token is changed.

Public Method Summary

void	addAuthStateListener(FirebaseAuth.AuthStateListener listener) Registers a listener to changes in the user authentication state.
void	addIdTokenListener(FirebaseAuth.IdTokenListener listener) Registers a listener to changes in the token authentication state.
Task<Void>	applyActionCode(String code) Applies the given `code`, which can be any out of band code which is valid according to `checkActionCode(String)` that does not also pass `verifyPasswordResetCode(String)`, which requires an additional parameter.
Task<ActionCodeResult>	checkActionCode(String code) Checks that the `code` given is valid.
Task<Void>	confirmPasswordReset(String code, String newPassword) Changes the user's password to `newPassword` for the account for which the `code` is valid.
Task<AuthResult>	createUserWithEmailAndPassword(String email, String password) Tries to create a new user account with the given email address and password.
Task<SignInMethodQueryResult>	fetchSignInMethodsForEmail(String email) Returns a list of signin methods that can be used to sign in a given user (identified by its main email address).
FirebaseApp	getApp() Returns the `FirebaseApp` instance to which this `FirebaseAuth` belongs.
FirebaseUser	getCurrentUser() Returns the currently signed-in `FirebaseUser` or null if there is none.
FirebaseAuthSettings	getFirebaseAuthSettings() Returns the `FirebaseAuthSettings` instance for this `FirebaseAuth` instance.
static FirebaseAuth	getInstance() Returns an instance of this class corresponding to the default `FirebaseApp` instance.
static FirebaseAuth	getInstance(FirebaseApp firebaseApp) Returns an instance of this class corresponding to the given `FirebaseApp` instance.
String	getLanguageCode() Returns the language code set in `setLanguageCode(String)`.
Task<AuthResult>	getPendingAuthResult() Returns a `Task` wrapping an `AuthResult`.
boolean	isSignInWithEmailLink(String link) Determines if the given link is a link intended for use with `getCredentialWithLink(String, String)`.
void	removeAuthStateListener(FirebaseAuth.AuthStateListener listener) Unregisters a listener to authentication changes.
void	removeIdTokenListener(FirebaseAuth.IdTokenListener listener) Unregisters a listener to authentication changes.
Task<Void>	sendPasswordResetEmail(String email, ActionCodeSettings actionCodeSettings) Triggers the Firebase Authentication backend to send a password-reset email to the given email address, which must correspond to an existing user of your app.
Task<Void>	sendPasswordResetEmail(String email) Calls `sendPasswordResetEmail(String, ActionCodeSettings)` without any ActionCodeSettings.
Task<Void>	sendSignInLinkToEmail(String email, ActionCodeSettings actionCodeSettings) Sends an email to the specified email which will contain a link to be used to sign in the user.
Task<Void>	setFirebaseUIVersion(String firebaseUIVersion) For internal use in FirebaseUI only.
void	setLanguageCode(String languageCode) Sets the user-facing language code for auth operations that can be internationalized, such as `sendEmailVerification()`.
Task<AuthResult>	signInAnonymously() Signs in the user anonymously without requiring any credential.
Task<AuthResult>	signInWithCredential(AuthCredential credential) Tries to sign in a user with the given `AuthCredential`.
Task<AuthResult>	signInWithCustomToken(String token) Tries to sign in a user with a given Custom Token.
Task<AuthResult>	signInWithEmailAndPassword(String email, String password) Tries to sign in a user with the given email address and password.
Task<AuthResult>	signInWithEmailLink(String email, String link) Tries to sign in a user with the given email address and link.
void	signOut() Signs out the current user and clears it from the disk cache.
Task<AuthResult>	startActivityForSignInWithProvider(Activity activity, FederatedAuthProvider federatedAuthProvider) Signs in the user using the mobile browser (either a Custom Chrome Tab or the device's default browser) for the given `provider`.
Task<Void>	updateCurrentUser(FirebaseUser user) Sets the current user to a copy of the given user, but associated with this `FirebaseAuth`'s `FirebaseApp`.
void	useAppLanguage() Sets the user-facing language code to be the default app language.
Task<String>	verifyPasswordResetCode(String code) Checks that the `code` is a valid password reset out of band code.

Inherited Method Summary

From class java.lang.Object

Object	clone()
boolean	equals(Object arg0)
void	finalize()
final Class<?>	getClass()
int	hashCode()
final void	notify()
final void	notifyAll()
String	toString()
final void	wait(long arg0, int arg1)
final void	wait(long arg0)
final void	wait()

Public Methods

public void addAuthStateListener (FirebaseAuth.AuthStateListener listener)

Registers a listener to changes in the user authentication state. There can be more than one listener registered at the same time for one or more FirebaseAuth instances.

The listeners call back in the UI thread, on the following events:

Right after the listener has been registered
When a user signs in
When the current user signs out
When the current user changes

It is a recommended practice to always listen to sign-out events, as you may want to prompt the user to sign in again and maybe restrict the information or actions they have access to.

Use removeAuthStateListener(AuthStateListener) to unregister a listener.

See addIdTokenListener(IdTokenListener) if you want to listen to token refreshes.

public void addIdTokenListener (FirebaseAuth.IdTokenListener listener)

Registers a listener to changes in the token authentication state. There can be more than one listener registered at the same time for one or more FirebaseAuth instances.

The listeners call back in the UI thread, on the following events:

Right after the listener has been registered
When a user signs in
When the current user signs out
When the current user changes
When there is a change in the current user's token

It is a recommended practice to always listen to sign-out events, as you may want to prompt the user to sign in again and maybe restrict the information or actions they have access to.

Use removeIdTokenListener(IdTokenListener) to unregister a listener.

See addAuthStateListener(AuthStateListener) if you do not want to listen to token refreshes.

public Task<Void> applyActionCode (String code)

Applies the given code, which can be any out of band code which is valid according to checkActionCode(String) that does not also pass verifyPasswordResetCode(String), which requires an additional parameter.

public Task<ActionCodeResult> checkActionCode (String code)

Checks that the code given is valid. This code will have been generated by sendPasswordResetEmail(String) or sendEmailVerification() valid for a single use.

Returns

Task which you can use to see the result via the ActionCodeResult, which holds the user email for which that ActionCode is valid, as well as the ActionCodeResult.Operation which is being performed.

public Task<Void> confirmPasswordReset (String code, String newPassword)

Changes the user's password to newPassword for the account for which the code is valid. Code validity can be checked with verifyPasswordResetCode(String). This use case is only valid for signed-out users, and behavior is undefined for signed-in users. Password changes for signed-in users should be made using updatePassword(String).

Exceptions

IllegalArgumentException thrown if passed a null code or newPassword
FirebaseAuthActionCodeException thrown if the code is malformed or has expired.
FirebaseAuthInvalidUserException thrown if the user corresponding to the given code has been disabled, or if there is no user corresponding to the given code.
FirebaseAuthWeakPasswordException thrown if the given newPassword is too weak.

public Task<AuthResult> createUserWithEmailAndPassword (String email, String password)

Tries to create a new user account with the given email address and password. If successful, it also signs the user in into the app.

Access the signed-in user with getCurrentUser().

Upon successful completion, this operation triggers an onIdTokenChanged(FirebaseAuth) event in all registered FirebaseAuth.IdTokenListeners and an onAuthStateChanged(FirebaseAuth) event in all registered FirebaseAuth.AuthStateListeners.

Important: you must enable Email & Password accounts in the Firebase console before you can use this method.

Exceptions

FirebaseAuthWeakPasswordException thrown if the password is not strong enough
FirebaseAuthInvalidCredentialsException thrown if the email address is malformed
FirebaseAuthUserCollisionException thrown if there already exists an account with the given email address

Returns

Task of AuthResult with the result of the operation

public Task<SignInMethodQueryResult> fetchSignInMethodsForEmail (String email)

Returns a list of signin methods that can be used to sign in a given user (identified by its main email address). This will match the getSignInMethod() for the credential you would generate for the appropriate signin mechanism.

This method is useful when you support multiple authentication mechanisms if you want to implement an email-first authentication flow. It is also useful to resolve a FirebaseAuthUserCollisionException thrown on signInWithCredential(AuthCredential).

Exceptions

FirebaseAuthInvalidCredentialsException thrown if the email address is malformed

Parameters

email	the email address that identifies the user to fetch the providers from

Returns

Task of SignInMethodQueryResult with the result of the operation

public FirebaseApp getApp ()

Returns the FirebaseApp instance to which this FirebaseAuth belongs.

public FirebaseUser getCurrentUser ()

Returns the currently signed-in FirebaseUser or null if there is none.

Use getCurrentUser() != null to check if a user is signed in.

Returns

the signed-in user or null

public FirebaseAuthSettings getFirebaseAuthSettings ()

Returns the FirebaseAuthSettings instance for this FirebaseAuth instance.

public static FirebaseAuth getInstance ()

Returns an instance of this class corresponding to the default FirebaseApp instance.

Note: Firebase Authentication does not currently support Android Direct Boot.

For Applications that use Direct Boot, check if android.content.Context.isDeviceProtectedStorage is false before you call FirebaseAuth.getInstance().

public static FirebaseAuth getInstance (FirebaseApp firebaseApp)

Returns an instance of this class corresponding to the given FirebaseApp instance.

Note: Firebase Authentication does not currently support Android Direct Boot.

For Applications that use Direct Boot, check if android.content.Context.isDeviceProtectedStorage is false before you call FirebaseAuth.getInstance(firebaseApp).

public String getLanguageCode ()

Returns the language code set in setLanguageCode(String).

public Task<AuthResult> getPendingAuthResult ()

Returns a Task wrapping an AuthResult. This will return a non-null value if your app launches a web sign-in flow and the OS cleans up your hosting Activity while in the background (likely due to a low-memory event). The returned result is the value that startActivityForSignInWithProvider(Activity, FederatedAuthProvider) would have returned, which includes any Exceptions thrown. Otherwise, returns null.

This method will only return a non-null result for a sign-in once. A non-null value will only be present for suitably recent sign-ins to help prevent false positive sign-ins.

public boolean isSignInWithEmailLink (String link)

Determines if the given link is a link intended for use with getCredentialWithLink(String, String). These links are generated by sendSignInLinkToEmail(String, ActionCodeSettings).

public void removeAuthStateListener (FirebaseAuth.AuthStateListener listener)

Unregisters a listener to authentication changes.

public void removeIdTokenListener (FirebaseAuth.IdTokenListener listener)

Unregisters a listener to authentication changes.

public Task<Void> sendPasswordResetEmail (String email, ActionCodeSettings actionCodeSettings)

Triggers the Firebase Authentication backend to send a password-reset email to the given email address, which must correspond to an existing user of your app. Takes in an ActionCodeSettings which allows linking back to your app from the sent email.

Exceptions

FirebaseAuthInvalidUserException thrown if there is no user corresponding to the given email address

Parameters

email	the email of the account to which you wish to issue an account reset email
actionCodeSettings	the settings used to allow your app to handle the link sent in the email on iOS, web, and Android.

Returns

Task to track completion of the sending operation

public Task<Void> sendPasswordResetEmail (String email)

Calls sendPasswordResetEmail(String, ActionCodeSettings) without any ActionCodeSettings.

public Task<Void> sendSignInLinkToEmail (String email, ActionCodeSettings actionCodeSettings)

Sends an email to the specified email which will contain a link to be used to sign in the user.

Throws

IllegalArgumentException	when given an `ActionCodeSettings` that does not have `canHandleCodeInApp` set to true. See also `getCredentialWithLink(String, String)`

public Task<Void> setFirebaseUIVersion (String firebaseUIVersion)

For internal use in FirebaseUI only.

public void setLanguageCode (String languageCode)

Sets the user-facing language code for auth operations that can be internationalized, such as sendEmailVerification(). This language code should follow the conventions defined by the IETF in BCP47.

public Task<AuthResult> signInAnonymously ()

Signs in the user anonymously without requiring any credential.

This method creates a new account in your Firebase Authentication system, except in the case where there was already an anonymous user signed in into this app. Access the signed-in user with getCurrentUser().

Anonymous users do not require any credential, and are useful in situations where you want to persist information about your users before asking them to sign in. For example, they may be useful when implementing a signed-out shopping cart in an e-commerce application.

Due to the unauthenticated nature of this kind of user, they are not transferrable across devices. In order to allow your app's users to keep their information, ask them to provide some other authentication credentials, and link them to the current user with linkWithCredential(AuthCredential).

Important: you must enable Anonymous accounts in the Firebase console before being able to use them.

Returns

Task of AuthResult with the result of the operation

public Task<AuthResult> signInWithCredential (AuthCredential credential)

Tries to sign in a user with the given AuthCredential.

Use this method to sign in a user into your Firebase Authentication system. First retrieve the credential either directly from the user, in case of EmailAuthCredential, or from a supported authentication SDK, such as Google Sign-In or Facebook. Later access the signed-in user with getCurrentUser().

For all AuthCredential types except EmailAuthCredential, this method will create an account for the user in the case that it didn't exist before.

Important: you must configure the authentication providers in the Firebase console before you can use them.

Exceptions

FirebaseAuthInvalidUserException thrown if the user account you are trying to sign in to has been disabled. Also thrown if credential is an EmailAuthCredential with an email address that does not correspond to an existing user.
FirebaseAuthInvalidCredentialsException thrown if the credential is malformed or has expired. If credential instanceof EmailAuthCredential it will be thrown if the password is incorrect.
FirebaseAuthUserCollisionException thrown if there already exists an account with the email address asserted by the credential. Resolve this case by calling fetchSignInMethodsForEmail(String) and then asking the user to sign in using one of them.

Returns

Task of AuthResult with the result of the operation

public Task<AuthResult> signInWithCustomToken (String token)

Tries to sign in a user with a given Custom Token.

Use this method after you retrieve a Firebase Auth Custom Token from your server, to sign in a user into your Firebase Authentication system. Access the signed-in user with getCurrentUser().

This operation might create an account if the uid specified in the token corresponds to a user without a record in the system.

Read how to use Custom Token authentication and the cases where it is useful in the guides.

Exceptions

FirebaseAuthInvalidCredentialsException thrown if the token format is incorrect or if it corresponds to a different Firebase App

Returns

Task of AuthResult with the result of the operation

public Task<AuthResult> signInWithEmailAndPassword (String email, String password)

Tries to sign in a user with the given email address and password.

Access the signed-in user with getCurrentUser().

This is equivalent to calling signInWithCredential(AuthCredential) with an EmailAuthCredential generated by getCredential(String, String).

Important: you must enable Email & Password accounts in the Firebase console before being able to use this method.

Exceptions

FirebaseAuthInvalidUserException thrown if the user account corresponding to email does not exist or has been disabled
FirebaseAuthInvalidCredentialsException thrown if the password is wrong

Returns

Task of AuthResult with the result of the operation

public Task<AuthResult> signInWithEmailLink (String email, String link)

Tries to sign in a user with the given email address and link. This link should be generated by sendSignInLinkToEmail(String, ActionCodeSettings).

Access the signed-in user with getCurrentUser().

This is equivalent to calling signInWithCredential(AuthCredential) with an EmailAuthCredential generated by getCredentialWithLink(String, String).

Important: you must enable Passwordless sign-in in the Firebase console before being able to use this method.

Exceptions

FirebaseAuthInvalidUserException thrown if the user account corresponding to email does not exist or has been disabled
FirebaseAuthInvalidCredentialsException thrown if the password is wrong

Returns

Task of AuthResult with the result of the operation

public void signOut ()

Signs out the current user and clears it from the disk cache.

public Task<AuthResult> startActivityForSignInWithProvider (Activity activity, FederatedAuthProvider federatedAuthProvider)

Signs in the user using the mobile browser (either a Custom Chrome Tab or the device's default browser) for the given provider.

Note: this call has a UI associated with it, unlike the majority of calls in FirebaseAuth.

Exceptions

FirebaseAuthInvalidCredentialsException thrown if the credential generated from the flow is malformed or expired.
FirebaseAuthInvalidUserException thrown if the user has been disabled by an administrator.
FirebaseAuthUserCollisionException thrown if the email that keys the user that is signing in is already in use.
FirebaseAuthWebException thrown if there is an operation already in progress, the pending operation was canceled, there is a problem with 3rd party cookies in the browser, or some other error in the web context has occurred.
FirebaseAuthException thrown if signing in via this method has been disabled in the Firebase Console, or if the provider passed is configured improperly.

Parameters

activity	the current `Activity` from which you intend to launch this flow.
federatedAuthProvider	an `FederatedAuthProvider` configured with information about how you intend the user to sign in.

Returns

a Task with a reference to an AuthResult with user information upon success

public Task<Void> updateCurrentUser (FirebaseUser user)

Sets the current user to a copy of the given user, but associated with this FirebaseAuth's FirebaseApp. If the given user isn't for this project, then a FirebaseAuthInvalidUserException will be returned via the Task.

public void useAppLanguage ()

Sets the user-facing language code to be the default app language.

public Task<String> verifyPasswordResetCode (String code)

Checks that the code is a valid password reset out of band code. This code will have been generated by a call to sendPasswordResetEmail(String), and is valid for a single use.

Returns

Task which holds the email for which this code is applicable.