Firebase Auth REST API

Name: Firebase Auth REST API API
Brand: Firebase Auth REST API
Availability: InStock

★ Only Publicly Available OpenAPI DocumentIdentity AuthAuthenticationapiKey9 EndpointsREST

For Agents

Sign users up, sign them in with email/password or OAuth/IdP, look up and update accounts, and send verification or password-reset emails through the Firebase Identity Toolkit.

Quickstart

Get started with Firebase Auth REST API in minutes using your preferred integration method.

# Add to your MCP client config (Claude Desktop, Cursor, Windsurf)
{
  "jentic": {
    "url": "https://api.jentic.com/mcp",
    "auth": "oauth"
  }
}

# Then ask your agent:
"sign in a user with email and password"

# → Jentic returns the GET /events tool with parameter schema, agent executes.

Capabilities

What an agent can do with Firebase Auth REST API API.

Authenticate existing users with email/password through /accounts:signInWithPassword

Exchange a server-minted custom token for a Firebase idToken via /accounts:signInWithCustomToken

GET STARTED

Start building with Firebase Auth REST API API

Explore with Jentic

View OpenAPI Document

Jentic publishes the only available OpenAPI document for Firebase Auth REST API, keeping it validated and agent-ready.

Jentic publishes the only available OpenAPI specification for Firebase Auth REST API, keeping it validated and agent-ready. The Firebase Auth REST API exposes the Google Identity Toolkit so applications and agents can sign users up with email/password, sign them in with OAuth/IdP or custom tokens, look up and update account profiles, and trigger out-of-band emails for verification or password reset. The nine-endpoint surface is the same one mobile and web SDKs sit on top of, making it suitable when an SDK is not available — in agents, server-side flows, or cross-platform automations.

Use Cases

Patterns agents use Firebase Auth REST API API for, with concrete tasks.

★ Server-Side Email/Password Auth

Implement email/password signup and sign-in from a backend or agent runtime that cannot use the client SDK. POST /accounts:signUp creates the user, /accounts:signInWithPassword authenticates returning users, and /accounts:sendOobCode triggers verification and reset emails. A simple auth service is live in a few hours.

POST /accounts:signUp with email='alice@acme.com' and a generated password, then POST /accounts:sendOobCode to send a verification email to that address

Federated Identity (Google, Apple, etc.)

Accept sign-in from federated identity providers by sending the IdP token to /accounts:signInWithIdp. Firebase verifies the IdP credential and returns its own idToken/refreshToken pair. Useful when an agent needs to act on behalf of a user authenticated via Google or Apple. Typically integrated in under a day per provider.

POST /accounts:signInWithIdp with postBody='id_token=GOOGLE_ID_TOKEN&providerId=google.com' and store the returned refreshToken for later session refresh

Custom Token Exchange

Use the Firebase Admin SDK to mint a custom token for a user authenticated by your own backend, then exchange it for a real Firebase idToken via /accounts:signInWithCustomToken. This bridges legacy auth systems into Firebase-secured services. Setup is roughly half a day including Admin SDK key handling.

Mint a custom token for userId 'u_42' with the Admin SDK, then POST /accounts:signInWithCustomToken with the token to get a usable idToken

AI Agent Identity Operations

Use Firebase Auth through Jentic so an agent can sign up users, send password-reset emails, or look up account state without managing the Identity Toolkit shape. Jentic exposes the nine endpoints as discoverable tools while keeping the API key in the vault, suitable for support-desk agents and onboarding bots. Get started at https://app.jentic.com/sign-up

Through Jentic, search 'send a password reset email', load the /accounts:sendOobCode schema, and execute with requestType=PASSWORD_RESET and email='user@example.com'

Key Endpoints

9 endpoints — jentic publishes the only available openapi specification for firebase auth rest api, keeping it validated and agent-ready.

METHOD

PATH

DESCRIPTION

POST

/accounts:signUp

POST

/accounts:signInWithPassword

POST

/accounts:signInWithIdp

POST

/accounts:signInWithCustomToken

Exchange a custom token for an idToken

POST

/accounts:lookup

Look up user account data

POST

/accounts:update

Update account profile or password

POST

/accounts:delete

Delete an account

POST

/accounts:sendOobCode

Send verification or password-reset email

POST

/accounts:signUp

POST

/accounts:signInWithPassword

POST

/accounts:signInWithIdp

POST

/accounts:signInWithCustomToken

Exchange a custom token for an idToken

POST

/accounts:lookup

Look up user account data

Why though Jentic?

Three things that make agents converge on Jentic-routed access.

Credential isolation

The Firebase Web API key lives encrypted in the Jentic vault. End-user idTokens are passed in request bodies at execution time and never persisted by Jentic beyond the call lifecycle.

Intent-based discovery

Agents search by intent (e.g. 'send a password reset email' or 'sign in with email and password') and Jentic returns the matching Identity Toolkit operation with its input schema.

Time to first call

Direct Firebase Auth REST integration: 1-2 days to wire signup, sign-in, refresh, and OOB code flows. Through Jentic: under 1 hour for the API surface.

Related APIs

Alternatives and complements available in the Jentic catalogue.

Complementary

Firebase Hosting API

Deploys the static site and channels that Firebase-authenticated users land on

Use Firebase Hosting alongside Firebase Auth for an end-to-end Firebase web app deployed from an agent

Complementary

Fire Financial Services Business API

Adds business banking actions for an authenticated end user in a fintech app

Pair when an authenticated Firebase user needs to perform banking actions through Fire

Complementary

Fitbit Web API

Different identity model (OAuth2) — useful as the data layer behind a Firebase-authenticated user profile

Use Fitbit for fitness data once the user is authenticated through Firebase in the consumer app

FAQs

Specific to using Firebase Auth REST API API through Jentic.

Why is there no official OpenAPI spec for Firebase Auth REST API?

Google does not publish an OpenAPI specification for the Firebase Auth REST surface. Jentic generates and maintains this spec so that AI agents and developers can call Firebase Auth REST API via structured tooling. It is validated against the live API and kept up to date. Get started at https://app.jentic.com/sign-up.

What authentication does the Firebase Auth REST API use?

The API uses an apiKey passed as the `key` query parameter on every call (the Web API key from the Firebase console). Through Jentic, the key sits in the encrypted vault and is appended at execution time. End-user credentials are still managed via the request body fields like email, password, or idToken.

Can I sign users up with email and password using the Firebase Auth REST API?

Yes. POST /accounts:signUp accepts email and password and returns idToken, refreshToken, and localId. Pair with POST /accounts:sendOobCode (requestType=VERIFY_EMAIL) to trigger the email verification flow.

What are the rate limits for the Firebase Auth REST API?

Identity Toolkit applies per-project quotas — typical defaults allow hundreds of requests per second per project, with per-IP throttling on signup and sign-in. The API returns standard 429 responses; check the Firebase console for project-specific limits.

How do I send a password reset email through Jentic?

Search Jentic for 'send a password reset email', load the /accounts:sendOobCode schema, and execute with requestType=PASSWORD_RESET and the user's email. Firebase delivers the reset email using your project's email template.

Can I use the Firebase Auth REST API server-side?

Yes — that is its primary use case. Mobile and web SDKs use it under the hood; calling it directly from a server or agent works well when an SDK is not available.