Bringing Firebase Admin To Python

After announcing the Firebase Admin SDKs for Node.js and Java at the Firebase Dev Summit in Berlin last year, we received many feature requests to bring the platform to Python developers as well. Now, we’re pleased to announce that first release of the Firebase Admin Python SDK, focusing on Firebase Auth token minting and verification. 

What are the Admin SDKs?

The Firebase Admin SDKs provide developers with programmatic, second-party auth access to Firebase services from trusted environments. Second-party here refers to the fact that the SDKs are granted elevated permissions that allow them to do more than a normal, untrusted client device can. The Admin SDKs get these elevated permissions since they are authenticated with a service account, a special Google account that can be used by applications to access Google services programmatically. The Admin SDKs are meant to complement the existing Firebase web and mobile clients which provide third-party, end-user access to Firebase services on client devices.

What is available in the Admin Python SDK?

As with the other Firebase Admin SDKs, the Python SDK can be initialized using a variety of built-in credential types. The following code shows how to authenticate the SDK using your own service account key file:

import firebase_admin
from firebase_admin import credentials

cred = credentials.Certificate("path/to/service.json")
firebase_admin.initialize_app(cred)

If you are running your code on Google infrastructure, such as Google App Engine or Google Compute Engine, the SDK can auto-discover the credential, allowing you to initialize the SDK with no arguments:

firebase_admin.initialize_app() 

The Python Admin SDK contains Firebase Auth custom token minting and ID token verification. The custom token minting gives you complete control over authentication by allowing you to authenticate users or devices using your own authentication system.

uid = "some-uid"
additional_claims = {
  "premiumAccount": True
}

custom_token = auth.create_custom_token(uid, additional_claims)

ID token verification allows you to securely identify the currently signed-in user on your server.

decoded_token = auth.verify_id_token(id_token)
uid = decoded_token["uid"]

The best place to start is with our Admin SDKs setup guide. The guide will walk you through how to download the SDK, generate a service account key file, and use that key file to initialize the Admin SDK.

What is coming next?

We plan to continue to build out the Admin Python SDK to include features already available in the other Admin SDKs, such as a user management API and an FCM API to send messages. We also plan to bring these token minting and verification features to even more languages. To see what APIs are available in each of the Admin SDKs, see our new feature matrix.

To all those Python developers out there, happy hacking!