'Firebase console security & Firestore rules best practices

Looking for best practices info on securing Firebase console. I'm building an application with sensitive data in Firestore. We've got good rules around client access - but my concern is how to secure Firebase console. It doesn't seem that Firestore rules apply in console (I can understand that). But I haven't seen anyway to add granular security in console. It seems that if I give a user View access, they have everything.

Is there a way to get granular with what a console user has access to?

firebasegoogle-cloud-firestorefirebase-securityfirebase-console


Solution 1:[1]

There isn't any security rules concept for Firebase console. You should only add authorized users to your Firebase project's team. If you need to restrict access without building a custom client yourself, try using a CMS like Flamelink.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Dharmaraj

Related Questions

How to use use Firestore document field's HashMap key value and populate recyclerview?

How to set up Firebase Push Notification with Deep Link with Unity3D

Xcode build is missing expected TARGET_BUILD_DIR build setting

How to get TypeScript to recognize firebase import

FirebaseMessagingService Illegal Access

How do I access data from a top-level document in a Cloud firestore trigger with Cloud functions?

Firebase push notifications stops working after some time for all users in my Flutter app. Is this correct flutter fcm implementation?

Firebase deploy node modules issue

React-router did not work on production

In new Firebase, how to use multiple config file in xcode?

Flutter Firebase foreground push notification not showing but background is working

Datatables search, filter, and export with Firebase

Can't fill array with firestore data

"No such module 'Firebase'" when add Firebase into a library

FCM notification not retrieve when app is closed