The Firebase Admin SDK for Go is now generally available. This is the fourth programming language to join our growing family of Admin SDKs, which already includes support for Java, Python and Node.js. Firebase Admin SDKs enable application developers to programmatically access Firebase services from trusted environments. They complement the Firebase client SDKs, which enable end users to access Firebase from their web browsers and mobile devices. The initial release of the Firebase Admin SDK for Go comes with some Firebase Authentication features: custom token minting and ID token verification.

Initializing the Admin SDK for Go

Similar to the other Firebase Admin SDKs, the Go Admin SDK can be initialized with a variety of authentication credentials and client options. The following code snippet shows how to initialize the SDK using a service account credential obtained from the Firebase console or the Google Cloud console:

import (
  "golang.org/x/net/context"

  firebase "firebase.google.com/go"
  "google.golang.org/api/option"
)

opt := option.WithCredentialsFile("path/to/key.json")
app, err := firebase.NewApp(context.Background(), nil, opt) 

If you are running your code on Google infrastructure, such as Google App Engine or Google Compute Engine, the SDK can auto-discover application default credentials from the environment. In this case you do not have to explicitly specify any credentials when initializing the Go Admin SDK:

import (
  "golang.org/x/net/context"

  firebase "firebase.google.com/go"
)

app, err := firebase.NewApp(context.Background(), nil) 

Minting Custom Tokens and Verifying ID Tokens

The initial release of the Firebase Admin SDK for Go comes with support for minting custom tokens and verifying Firebase ID tokens. The custom token minting allows you to authenticate users using your own user store or authentication mechanism:

client, err := app.Auth()
if err != nil {
  return err
}

claims := map[string]interface{}{
  "premium": true,
  "package": "gold",
}
token, err := client.CustomToken("some-uid", claims) 

The resulting custom token can be sent to a client device, where it can be used to initiate an authentication flow using a Firebase client SDK. On the other hand, the ID token verification facilitates securely identifying the currently signed in user on your server:

client, err := app.Auth()
if err != nil {
  return err
}

decoded, err := client.VerifyIDToken(idToken)
uid := decoded.UID 

To learn more about using the Firebase Admin SDK for Go, see our Admin SDK setup guide.

What’s Next?

We plan to further expand the capabilities of the Go Admin SDK by implementing other useful APIs such as user management and Firebase Cloud Messaging. This SDK is also open source. Therefore we welcome you to browse our Github repo and get involved in the development process by reporting issues and sending pull requests. To all Golang gophers out there, happy coding with Firebase!