Thanks, that clarifies it. With Firebase, it’s not that often you’d access a service from a privileged environment (App Engine in this case), while using an end-user’s credentials. It’s more common to perform such end-user operations at the client-side, like the article you’ve cited. With the Admin SDK, developers usually verify the ID token to establish requester identity, and then execute subsequent service calls (e.g. RTDB access) as an admin.

I don’t think option (a) is going to work, so (b) and (c ) are going to be your best bets. Also I think it’s better to move this discussion to StackOverflow, where more Firebase developers can chime in.

Written by

Software engineer at Google. Enjoys working at the intersection of cloud, mobile and programming languages. Fan of all things tech and open source.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store