Nowadays, many users prefer using federated login, such as Google Sign-In, Facebook, Twitter and others, over having to create a new account for every service they use. Each user has their own favorite federated login provider, and it would take a lot of effort to integrate and manage each federated login provider for your app. This is where Firebase Authentication can help.
Firebase Authentication supports many popular federated login providers. You just need to integrate with Firebase Authentication, and let Firebase automatically manage multiple federated login providers under the hood for you.
However, depending on where your users are in the world, they may prefer a federated login providers for which Firebase does not have built-in support yet. For example, in Japan and many Asian countries, LINE Login is very popular with hundreds of millions of users, so you may want to support it as well. Fortunately, it is fairly simple to integrate LINE Login, as well as many other federated login, with Firebase Authentication using Custom Auth.
In one of our previous blog post, we have shown how to support federated login that was not available out-of-the-box with Firebase Authentication on the web using our JavaScript SDK. In this blog post, I will show you how to integrate with LINE Login on iOS and Android.
Here is how the login flow looks like:
Step 1: Use LINE Login SDK to log user in, and acquire their LINE Access Token
Step 2: Send their LINE Access Token to your server and validate it with LINE authentication server. If the token is valid, then create a Firebase Custom Auth token correspond to the user, and send it back to user's device.
Step 3: Use the Firebase Custom Auth token to login to Firebase from the device.
You will need to do some setup work to get your LINE business account and Firebase project ready.
Refer to LINE Login document (iOS / Android) to integrate LINE SDK to your app and implement LINE Login flow. Once user has successfully logged in, you can get their LINE access token as below:
iOS (Objective-C)
NSString *lineAccessToken = self.lineAdapter.getLineApiClient.accessToken;
Android
LineAuthManager authManager = LineSdkContextManager.getSdkContext().getAuthManager(); final String accessToken = authManager.getAccessToken().accessToken;
Then you can use your favorite networking library to send the access token to your own server for validation. In this sample code, I use GTM HTTP Fetcher for iOS and Volley for Android.
NSURL *url = [NSURL URLWithString:@"https:///verifyToken"]; NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url]; [request setHTTPMethod:@"POST"]; [request setValue:@"application/json" forHTTPHeaderField:@"content-type"]; NSDictionary *token = @{@"token" : lineAccessToken}; NSError *error; NSData *requestBody = [NSJSONSerialization dataWithJSONObject:token options:kNilOptions error:&error]; [request setHTTPBody:requestBody]; GTMHTTPFetcher *fetcher = [GTMHTTPFetcher fetcherWithRequest:request]; [fetcher beginFetchWithCompletionHandler:^(NSData *data, NSError *error) { if (!error) { // Extract Firebase Custom Auth token from response // ・・・ } }];
HashMap validationObject = new HashMap<>(); validationObject.put("token", accessToken); Response.Listener responseListener = new Response.Listener() { @Override public void onResponse(JSONObject response) { // Extract Firebase Custom Auth token from response // ・・・ } }; JsonObjectRequest fbTokenRequest = new JsonObjectRequest( Request.Method.POST, "https:///verifyToken", new JSONObject(validationObject), responseListener, errorListener); NetworkSingleton.getInstance(activity).addToRequestQueue(fbTokenRequest);
You will need a server to validate LINE access token and generate a corresponding Firebase Custom Auth token for that user. You can build a simple one with Firebase Node.js Server SDK and Express web server.
Firstly, your server receives the LINE Access Token from user's device and validates it using LINE Social Rest API. Don't forget to verify the channelId value in API response to make sure that the access token is actually issued for your app. This is to prevent spoof attack, of which attackers reuse access token from other app/channel to attempt login to your app.
Server (Node.js)
app.post('/verifyToken', (req, res) => { if (!req.body.token) { return res.status(400).send('Access Token not found'); } const reqToken = req.body.token; // Send request to LINE server for access token verification const options = { url: 'https://api.line.me/v1/oauth/verify', headers: { 'Authorization': `Bearer ${reqToken}` } }; request(options, (error, response, body) => { if (!error && response.statusCode === 200) { const lineObj = JSON.parse(body); // Don't forget to verify the token's channelId to prevent spoof attack if ((typeof lineObj.mid !== 'undefined') && (lineObj.channelId === myLINEChannelId)) { // Access Token Validation succeed with LINE server // Generate Firebase token and return to device const firebaseToken = generateFirebaseToken(lineObj.mid); // Update Firebase user profile with LINE profile updateUserProfile(reqToken, firebaseToken, lineObj.mid, () => { const ret = { firebase_token: firebaseToken }; return res.status(200).send(ret); }); } } const ret = { error_message: 'Authentication error: Cannot verify access token.' }; return res.status(403).send(ret); }); } });
After successfully validated LINE Access Token, use Firebase Server SDK to generate Firebase Custom Auth token and return it to the user device. You can reuse LINE's user ID for your Firebase user ID.
function generateFirebaseToken(lineMid) { var firebaseUid = 'line:' + lineMid; var additionalClaims = { provider: 'LINE' }; return firebase.auth().createCustomToken(firebaseUid); }
We also have a Firebase Server Java SDK.
You can make use of solutions like App Engine Flexible Environment or Cloud Functions to free yourself from managing the server.
After receiving the Firebase Custom Auth token, just use it to sign the user in Firebase:
[[FIRAuth auth] signInWithCustomToken:firebaseToken completion:^(FIRUser * _Nullable user, NSError * _Nullable error) { // Process sign in result // ・・・ }];
FirebaseAuth.getInstance() .signInWithCustomToken(firebaseToken) .addOnCompleteListener(new OnCompleteListener() { // Process sign in result // ・・・ });
Our sample code is open source. Feel free to download and give it a try. https://github.com/firebase/custom-auth-samples/tree/master/Line
Earlier this year, we introduced the expansion of Firebase: a unified app platform that provides developers a variety of tools and a scalable infrastructure to build high quality apps and grow successful businesses across Android, iOS and the Web. This blog post is not about the 'what' but more about the 'how'. How do you implement Firebase into your app quickly and easily?
Today we are launching a complete end-to-end video training course called "Firebase in a Weekend". Whether you develop Android or iOS apps, the training course helps you understand many of the core features of Firebase, learned by building an app from the ground up.
Join some of our favorite Firebase instructors as they walk you through building a functioning messaging app using:
We partnered with Udacity, the online learning platform, to give you a more personalized, in depth explanation of Firebase and its features. You can learn how to do it on either Android or iOS by watching short videos enhanced with code samples and assessments.
Check out the Android or iOS course online for no charge. Check out all of the courses at udacity.com/google.
With Firebase, we've been working towards a world where developers don't have to deal with managing servers and can instead build web and mobile apps with only client-side code. However, there are times when you really do need to spin up your own server. For example, you may want to integrate with a third-party API (such as an email or SMS service), complete a computationally expensive task, or have a need for a trusted actor. We want to make your experience on this part of your stack as simple as it is on the front-end. Towards that aim, we announced the Firebase Admin SDKs for Node.js and Java at the Firebase Dev Summit in Berlin earlier this week.
What are the Admin SDKs?
The Firebase Admin SDKs provide developers with programmatic, second-party access to Firebase services from server environments. Second-party here refers to the fact that the SDKs are granted elevated permissions that allow them to do more than a normal, untrusted client device can. The Admin SDKs get these elevated permissions since they are authenticated with a service account, a special Google account that can be used by applications to access Google services programmatically. The Admin SDKs are meant to complement the existing Firebase web and mobile clients which provide third-party, end-user access to Firebase services on client devices.
Some of this may sound familiar for those of you who have used the existing Firebase Node.js and Java SDKs. The difference is that we have now split the second-party (aka "admin") and third-party (aka "end-user") access use cases into separate SDKs instead of conflating them together. This should make it easier for beginners and experts alike to know which SDK to use and which documentation to follow. It also allows us to tailor the Admin SDKs towards server-specific use cases. A great example of this is the new user management auth API which we will go into in the next section.
What can the Admin SDKs do?
The Admin SDKs for Node.js and Java offer the following admin capabilities that already existed in the prior server SDKs:
In addition, the Node.js SDK brings some exciting new functionality:
How can I get started with the Admin SDKs?
The best place to start is with our Admin SDKs setup guide. The guide will walk you through how to download the SDK, generate a service account key file, and use that key file to initialize the Admin SDK. Thanks to our new Service Accounts panel in your Firebase Console settings, generating service account keys should be a breeze.
What's next for the Admin SDKs?
This is really just the beginning for the Admin SDKs. We plan to expand the Admin SDKs across two dimensions. Firstly, we want to provide Admin SDKs in more programming languages, allowing you to write code in the language you feel most comfortable. Secondly, we plan to integrate with more Firebase services, including adding support for services like Firebase Cloud Messaging and bringing the new user management API to Java.
Would you like us to build an Admin SDK in a particular language? Do you want the Admin SDKs to support a certain Firebase service or feature? Let us know in the comments below or by sending us a note through our feature request support channel.
We are excited to expand our first-class support for backend developers in the Firebase ecosystem. Stay tuned for more to come in the future!
Our goal with Firebase is to help developers build better apps and grow them into successful businesses. Six months ago at Google I/O, we took our well-loved backend-as-a-service (BaaS) and expanded it to 15 features to make it Google’s unified app development platform, available across iOS, Android, and the web.
We launched many new features at Google I/O, but our work didn’t stop there. Since then, we’ve learned a lot from you (750,000+ projects created on Firebase to date!) about how you’re using our platform and how we can improve it. Thanks to your feedback, today we’re launching a number of enhancements to Crash Reporting, Analytics, support for game developers and more. For more information on our announcements, tune in to the livestream video from Firebase Dev Summit in Berlin. They’re also listed here:
Often the hardest part about fixing an issue is reproducing it, so we’ve added rich context to each crash to make the process simple. Firebase Crash Reporting now shows Firebase Analytics event data in the logs for each crash. This gives you clarity into the state of your app leading up to an error. Things like which screens of your app were visited are automatically logged with no instrumentation code required. Crash logs will also display any custom events and parameters you explicitly log using Firebase Analytics. Firebase Crash Reporting works for both iOS and Android apps.
Glide, a popular live video messaging app, relies on Firebase Crash Reporting to ensure user quality and release agility. “No matter how much effort you put into testing, it will never be as thorough as millions of active users in different locations, experiencing a variety of network conditions and real life situations. Firebase allows us to rapidly gain trust in our new version during phased release, as well as accelerate the process of identifying core issues and providing quick solutions.” - Roi Ginat, Founder, Glide.
We want to help you deliver high-quality experiences, so testing your app before it goes into the wild is incredibly important. Firebase Test Lab allows you to easily test your app on many physical and virtual devices in the cloud, without writing a single line of test code. Beginning today, developers on the Spark service tier (which is free!) can run five tests per day on physical devices and ten tests per day on virtual devices—with no credit card setup required. We’ve also heard that you want more device options, so we’ve added 11 new popular Android device models to Test Lab, available today.
We know that your data is most actionable when you can see and process it as quickly as possible. Therefore, we’re announcing a number of features to help you maximize the potential of your analytics events:
We were happy to give you a sneak preview at the Firebase Dev Summit of a new feature we are now building, StreamView, which will offer a live, dynamic view of your analytics data as it streams in.
To further enhance your targeting options, we’ve improved the connection between Firebase Analytics and other Firebase features, such as Dynamic Links and Remote Config. For example, you can now use Dynamic Links on your Facebook business page, and we can identify Facebook as a source in Firebase Analytics reporting. Also, you can now target Remote Config changes by User Properties, in addition to Audiences.
Game developers are building great apps, and we want Firebase to work for you, too. We’ve built an entirely new plugin for Unity that supports Analytics, the Realtime Database, Authentication, Dynamic Links, Remote Config, Notifications and more. We've also expanded our C++ SDK with Realtime Database support.
FirebaseUI is a library that provides common UI elements when building apps, and it’s a quick way to integrate with Firebase. FirebaseUI 1.0 includes a drop-in UI flow for Firebase Authentication, with common identity providers such as Google, Facebook, and Twitter. FirebaseUI 1.0 also added features such as client-side joins and intersections for the Realtime Database, plus integrations with Glide and SDWebImage that make downloading and displaying images from Firebase Storage a cinch. Follow our progress or contribute to our Android, iOS, and Web components on Github.
We want to provide the best tool for developers, but it’s also important that we give resources and training to help you get more out of the platform. As such, we’ve created a new Udacity course: Firebase in a Weekend! It’s an instructor-led video course to help all developers get up and running with Firebase on iOS and Android, in two days.
Finally, to help wrap your head around all our announcements, we’ve created a new demo app. This is an easy way to see how Analytics, Crash Reporting, Test Lab, Notifications, and Remote Config work in a live environment, without having to write a line of code.
Helping developers build better apps and successful businesses is at the core of Firebase. We work hard on it every day. We love hearing your feedback and ideas for new features and improvements—and we hope you can see from the length of this post that we take them to heart! Follow us on Twitter, join our Slack channel, participate in our Google Group, and let us know what you think. We’re excited to see what you’ll build next!
In the past three posts, I've introduced readers to Pirate Metrics, and shown how you can boost your acquisition strategy and activation numbers with Firebase products.
In this post, we're going to talk about one of the biggest problems majority of apps face: retention. The hard truth is that most people tend to only use a few applications every week, abandoning a majority of them after just a few tries. This might happen even if you did successfully activate a user.
The goal, for any product, is to become a habit for their users. And, for a person to pick up new habits, they need the help of triggers. The best products carefully use external triggers — things like push notifications, E-mailers — at appropriate times which help building habits.
For years, we have offered powerful tools to help you build these experiences: Google Cloud Messaging. Cloud Messaging is now a part of the Firebase suite of SDKs, becoming even more powerful than before.
The key capability added, thanks to this change, is something we call Firebase Notifications. By simply adding the required dependency to your application, you can now send push notifications to your users straight from the Firebase console. But that's not all: you can target the notification to a required segment. For example, you can inform those users who have shown an interest in a particular product that you have a deal running in your E-commerce application.
While quite useful, particularly considering how little you need to do to add them to your app, sending Push Notifications is a manual process and best utilized for campaigns. To truly improve your product, you need to first understand when you tend to lose your users, and build a system that helps you retain them.
The first part can be solved using the cohorts from Firebase Analytics. Cohorts help you visualise your retention by showing you what percentage of users do you retain over a period of time, broken down by days or weeks. Most of your users are typically lost in the first couple of days, which is usually an issue with your activation strategy. However, this decline tends to flatten out.
While you should certainly work on your activation strategy to help improve your cohort numbers on the first couple of days, you also want to look at some way to improve the numbers a little later, such as around days 5-7. One fairly straightforward solution is to build an automated system that sends push notifications using Firebase Cloud Messaging to these users approximately a week after they sign up. Using some kind of flag for "last used time", you could also ensure this notification is only shown to those users who are at risk of being dropped off.
You could utilize this strategy for things like extending trial periods for users who haven't used your product enough, giving yourself an extended opportunity to convert them into paying customers. Deals of any other form (either for E-commerce products or for in-app products) are other ways.
A carefully crafted strategy could play a critical role in your overall business. Do be mindful of avoiding a spammy notification system: you'll probably annoy your users and increase your uninstall count.
There are additional possibilities as well. Firebase Analytics tracks uninstalled users for you using the automated event "app_remove". As mentioned in the second post on acquisition, you can create an audience for users who have fired this event and retarget them using Adwords.
Also, using Firebase App Indexing in your application would help highlight content from your service in Google search results for your users. This is particularly useful during the early phases of the user's time with you when they haven't quite developed a habit of using your application directly.
