Identity Platform
The Google Cloud Identity Platform (Firebase Auth) connection
is a user provider that automatically imports and keeps your users up-to-date in UserHub.To enable the Identity Platform connection, you need to upload your service account to UserHub.
Generate service account key
- Go to the Firebase Console
- Select the project you want to set up in UserHub
- Click the gear icon to the right of Project Overview
- Click Project settings
- Click the Service accounts tab
- Click the Generate new private key button
This will download a Google service account file. Make note of the location of the file; it will be used in the next step.
Note: You can create a more restricted service account. Use your existing process to provision a service account, generate a key, and assign the service account the roles/firebaseauth.admin role.
Set up connection
Next, you'll need to set up the connection
in UserHub.- Go to the Admin console and click Connections via the Developers dropdown or Tenant settings
- Click Setup for Identity Platform
- Click the Browse button under Google service account file
- Select the file downloaded in the previous section (e.g.
demo-firebase-adminsdk-kmv0h-53gajc255c.json) - Click Save
- Make sure the status switches to
Active.
Set up Portal callback
Next, you'll need to implement the Portal callback handler to allow users linked directly to the UserHub Portal
to sign in.Set up sign-up syncing
Setting up a function ensures your users are immediately pushed to UserHub when they sign up.
To set up a function, you'll need the UserHub Identity Platform connection ID (see above) and an Admin API
key scoped to Identity Platform.Alternatively, you have the option of calling report event directly from your app.
Create API key
- Go to the Admin console and click API keys via the Developers dropdown or Tenant settings
- Click New API key
- Enter
Identity Platform hookfor the Description - Select
Admin APIfor the Type - Don't set an expiration
- Click the Integrations dropdown and select
Identity Platform - Click Create
- Note the generated API key (e.g.
userhub_admin_agX...), as this token will be used in the next step
Set up function
Next, you'll need to set up the function in Firebase:
Ensure you have the Firebase CLI installed, authenticated, and your project initialized
Ensure functions are initialized in your project
firebase init functionsAdd the following code to your functions file (e.g.
functions/index.js):const { auth, logger } = require("firebase-functions/v1"); const { defineSecret, defineString } = require("firebase-functions/params"); const baseUrl = "https://api.userhub.com"; const adminKey = defineSecret("USERHUB_ADMIN_KEY"); const connectionId = defineString("IDENTITY_PLATFORM_CONNECTION_ID"); exports.onCreate = auth.user().onCreate(async (user) => { try { const userId = encodeURIComponent(user.uid); const response = await fetch( `${baseUrl}/admin/v1/users/${userId}@${connectionId}:event`, { method: "POST", headers: { authorization: `Bearer ${adminKey.value()}`, "user-agent": "UserHub-FirebaseAuth/1.0", }, data: JSON.stringify({ type: "SIGNUP" }), signal: AbortSignal.timeout(2 * 1000), }, ); if (!response.ok) { throw new Error(`${response.status}: ${await response.text()}`); } } catch (e) { logger.error(`Failed to report signup to UserHub: ${e}`); } });Deploy the function and enter the variables when prompted:
firebase deploy --only functions