Up until recently I was able to run queries with the Firebase SDK using Node.js. Now I am getting a message that ACCESS_TOKEN_EXPIRED but I created a new key and the expiration is never.

If I see in my Firebase settings it shows:

So I create my key in json format and add it in my node.js as the image instructs.

var admin = require("firebase-admin");

const serviceAccount = require('pathtomykey.json'); 

admin.initializeApp({
    credential: admin.credential.cert(serviceAccount),
    databaseURL: ";
});

And I keep getting this response:

node:internal/process/promises:288
            triggerUncaughtException(err, true /* fromPromise */);
            ^
Error: 16 UNAUTHENTICATED: Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See .
     {
  code: 16,
  details: 'Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See .',
  metadata: Metadata {
    internalRepr: Map(4) {
      'google.rpc.errorinfo-bin' => [
        Buffer(125) [Uint8Array] [
           10, 
          ... 25 more items
        ]
      ],
      'grpc-status-details-bin' => [
        Buffer(385) [Uint8Array] [
           
          ... 285 more items
        ]
      ],
      'www-authenticate' => [ 'Bearer realm="/"' ],
      'x-debug-tracking-id' => [ '19025914238;o=1' ]
    },
    options: {}
  },
  statusDetails: [
    ErrorInfo {
      metadata: {
        method: 'google.firestore.v1.Firestore.RunQuery',
        service: 'firestore.googleapis'
      },
      reason: 'ACCESS_TOKEN_EXPIRED',
      domain: 'googleapis'
    }
  ],
  reason: 'ACCESS_TOKEN_EXPIRED',
  domain: 'googleapis',
  errorInfoMetadata: {
    method: 'google.firestore.v1.Firestore.RunQuery',
    service: 'firestore.googleapis'
  }
}

I tried by being logged in with my administrator account in my anization and also a service account. This used to work up until last year and I don't know what could it be that is happening. Can someone shed some light?

Up until recently I was able to run queries with the Firebase SDK using Node.js. Now I am getting a message that ACCESS_TOKEN_EXPIRED but I created a new key and the expiration is never.

If I see in my Firebase settings it shows:

So I create my key in json format and add it in my node.js as the image instructs.

var admin = require("firebase-admin");

const serviceAccount = require('pathtomykey.json'); 

admin.initializeApp({
    credential: admin.credential.cert(serviceAccount),
    databaseURL: "https://projectid-default-rtdb.firebaseio"
});

And I keep getting this response:

node:internal/process/promises:288
            triggerUncaughtException(err, true /* fromPromise */);
            ^
Error: 16 UNAUTHENTICATED: Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google/identity/sign-in/web/devconsole-project.
     {
  code: 16,
  details: 'Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google/identity/sign-in/web/devconsole-project.',
  metadata: Metadata {
    internalRepr: Map(4) {
      'google.rpc.errorinfo-bin' => [
        Buffer(125) [Uint8Array] [
           10, 
          ... 25 more items
        ]
      ],
      'grpc-status-details-bin' => [
        Buffer(385) [Uint8Array] [
           
          ... 285 more items
        ]
      ],
      'www-authenticate' => [ 'Bearer realm="https://accounts.google/"' ],
      'x-debug-tracking-id' => [ '19025914238;o=1' ]
    },
    options: {}
  },
  statusDetails: [
    ErrorInfo {
      metadata: {
        method: 'google.firestore.v1.Firestore.RunQuery',
        service: 'firestore.googleapis'
      },
      reason: 'ACCESS_TOKEN_EXPIRED',
      domain: 'googleapis'
    }
  ],
  reason: 'ACCESS_TOKEN_EXPIRED',
  domain: 'googleapis',
  errorInfoMetadata: {
    method: 'google.firestore.v1.Firestore.RunQuery',
    service: 'firestore.googleapis'
  }
}

I tried by being logged in with my administrator account in my anization and also a service account. This used to work up until last year and I don't know what could it be that is happening. Can someone shed some light?

• node.js
• firebase
• google-cloud-firestore
• firebase-admin

• 1 Have you checked the value of serviceAccount after the line, const serviceAccount = require('pathtomykey.json'); and confirmed that it contains the correct key? – Brian Burton Commented Feb 5 at 14:45
• 1 Can you see the keys in google cloud console service account page ? To see gcp service account page, you can click on Manage service account permissions of firebase service account settings page – Abdellatif Derbel Commented Feb 6 at 10:03
• Thank you both. They key is correct and I can see the key listed in GCP. I haven't changed anything. I logged out of gcloud and firebase and logged in again (several times actually) and in the most recent occasion I had to confirm the login with my phone. After a few days, today, now I can access as I had been doing. I did read a recent email about a new policy enforcing 2FA. But it's very recent. It may have been that, but there is no guarantee. – lesolorzanov Commented Feb 6 at 12:15

1 Answer 1

The problem was due to an external factor, a newly imposed 2FA.

• I logged out of gcloud and firebase.
• Logged back in and made sure it was the account associated with the firebase "project settings">"users and permissions"
• did firebase login again
• Accepted any request in the 2FA device
• The exact same code ran again