Restrict Firebase authentication to a certain domain

Question

I want to restrict the Firebase Authentication only by ne mail domain name, to make this mail access to my application :

[email protected]

I did this in the database side of firebase

{
  "rules": {
    ".read": "auth.token.email.endsWith('@exemple.fr')",
    ".write": "auth.token.email.endsWith('@exemple.fr')"
  }
}

I think i'm doing something wrong, thank you for your help.

You show "[email protected]" as your example, but your rules are showing "@exemple.fr". ".com" != ".fr" — Doug Stevenson, Oct 06 '17 at 22:27
I'm not sure why your rules don't work. But I'm quite certain the rules in my answer here work: https://stackoverflow.com/questions/36943350/how-do-i-lock-down-firebase-database-to-any-user-from-a-specific-email-domain — Frank van Puffelen, Oct 07 '17 at 02:53
I sort of want to do the same thing but I was more looking for a way to restrict other domains from signing up because that seems to make more sense to me. So I'm looking into firebase functions. — SEG.Veenstra, Mar 03 '19 at 06:35

score 2 · Answer 1 · answered Oct 07 '17 at 08:09

2

Try this

{
  "rules": {
    ".read": "auth.token.email.matches(/.*@exemple.fr$/)",
    ".write": "auth.token.email.matches(/.*@exemple.fr$/)"
   }
}

answered Oct 07 '17 at 08:09

Niraj Niroula

2,376
1
17
36

score 0 · Answer 2 · answered Jan 13 '21 at 07:32

this works for me and I am able to restrict logged in Google user to my org domain

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if request.auth.token.email.matches('.*@domain[.]com');
    }
  }
}

Restrict Firebase authentication to a certain domain

2 Answers2

Linked

Related