Use MFA, blocking functions, and cross-service Security Rules

Learn how to use security features in Firebase, including multi-factor authentication (MFA), blocking functions, and cross-service Security Rules.




Learn about Firebase security features, including multi-factor authentication (MFA), blocking functions, cross-product Security Rules, and App Check.



Learn how Authentication combines something the user knows, like a password, and something the user has, like a physical phone that can receive text messages. Learn how blocking functions let you customize authentication logic.

Advanced Authentication features


Learn how to implement multi-factor authentication and create custom auth requirements with blocking functions.

Security Rules


Learn how Security Rules protects your app and users from malicious actors. Learn about attribute-based access control, custom claims, and cross-service Security rules that allow you to write rules that query your Firestore database within the rules for your Firebase storage.

Protect your Firestore data with Firebase Security Rules


Learn how to secure a simple blog platform built on Firestore. Use the Firestore emulator to run unit tests against the Security Rules, and ensure that the rules allow and disallow the access you expect.

App Check


Learn how App Check offers protection by attesting whether traffic comes from your app on a real device, and how you can enable and enforce App Check on the first production version of your app.

Using Cloud Monitoring to monitor App Check and Security Rules


Learn how to monitor Firebase Security Rules and App Check with Cloud Monitoring.