Credential Management

By default, when initialising firebase-nextjs using the NPX script, two credential files are added to your project.

Among the two, only firebase-service-account.json is sensitive in nature. The other file, firebase-app-config.js is only used for identification, and hence, is safe to be pushed to git and production.

Service Account Credentials

The file firebase-service-account.json contains the credentials for your firebase service account. This file alone provides complete access to your firebase project. It should not be checked into git or directly to production.

Instead, follow these steps to manage the service account credentials securely.

Step 1: Get the environment variable

You can generate an environment variable which holds the service account credentials by running this command

This will print the environment variable to your terminal. Copy it and apply it to where you are planning to deploy.

Step 2: Handle the credential file

Once you have the environment variable whereever you are planning to run the command, you can delete the firebase-service-account.json file.

Alternatively, you can add firebase-service-account.json to gitignore if you want to add env to production server only. This way, the credentials file will be used for local testing and env variable for production.

Authentication Provider Setup

Before deploying to production, you have to add the production domain url to firebase authentication.

Open firebase console. Go to Authentication. Go to Settings. Go to Authorized domains. Add the production domain url there.

With that, you are ready to push to production.