Firebase Auth doesn’t have a built-in roles concept. But you can implement your own roles via custom claims, and check for them using the Admin SDK. Take a look at my article on the subject. To verify that a user has a certain role, simply verify the ID token, and inspect the result to see if it contains the required custom claims.

You’re also welcome to tune into my I/O talk next week, where I’ll be diving deep into this use case.