Stay organized with collections Save and categorize content based on your preferences. Firebase Security Pathway Quiz Return to pathway What is unique about the Firebase Admin SDK, and when should it be used? The Admin SDK stores secrets, and should only be used when you're using a secret. The Admin SDK doesn't pass along authentication information, so it's ideal to use it when you can make follow up requests. The Admin SDK bypasses Firebase Security Rules and should only be used from a trusted environment like Firebase Functions or a server you control. The Admin SDK doesn't send a request unless the app has passed Attestation, and should not be used for testing. What are authentication and authorization? Authentication is the process of verifying what a user can do. Authorization is the process of verifying who a user is. Authentication is the process of verifying who a user is. Authorization is the process of verifying what a user can access. Authentication is the process of verifying who a user is. Authorization is the process of verifying how they signed up. Authentication is the process of determining why a user takes an action. Authorization is the process of verifying if they can take the action. What is the purpose of Firebase Security Rules? Security Rules are used by Cloud Firestore, Cloud Storage for Firebase, and the Realtime Database to perform authorization; they determine if a user can perform a given read or write. Security Rules are a checklist to follow before you deploy to production. Security Rules control how you read and write to the database from your client. Security Rules are filters that are AND-ed together, so any rule can block access. Which functions does App Check provide? App Check verifies that a request originated from your app and sends a notification if it did not. App Check authenticates users and checks the user has permissions to access the data. App Check checks a user’s app version and, if too low, nudges them to upgrade. App Check verifies that a request originated from your app and blocks all other requests to backend resources. What services can be protected with App Check? Firebase APIs only All Google APIs Firebase APIs and API endpoints on your own server. Any public API you can make requests to Submit answers error_outline An error occurred when grading the quiz. Please try again.
