The Firebase Authentication has 5 user fields: Identifier, Providers, Created, Signed in, and User UID. What is the purpose of Identifier?
I am in the process of integrating SSO with Firebase using OIDC. The third-party does not provide an email address, so the Identifier field in Firebase is populated with a JSON object with the users name (e.g. {"first": "John", "last": "Doe"}). It is entirely possible that two users will have the same first and last name and therefore have the same identifier. Is this a problem with Firebase Authentication since the User UID is used for identification?
The Firebase Authentication has 5 user fields: Identifier, Providers, Created, Signed in, and User UID. What is the purpose of Identifier?
I am in the process of integrating SSO with Firebase using OIDC. The third-party does not provide an email address, so the Identifier field in Firebase is populated with a JSON object with the users name (e.g. {"first": "John", "last": "Doe"}). It is entirely possible that two users will have the same first and last name and therefore have the same identifier. Is this a problem with Firebase Authentication since the User UID is used for identification?
Share Improve this question asked Nov 19, 2024 at 20:41 JasonJason 4,1594 gold badges23 silver badges34 bronze badges3 Answers
Reset to default 0The "Identifier" field that you see in the console is not required to be unique among all users in a project. It's just something to display that should help you visually identify a user when you're using the console. In fact, it seems this "Identifier" is not even a required field.
For the purpose of implementing a custom auth provider, the only thing that must absolutely be unique among all users in a project is the UID.
From the Firebase documentation on users in Firebase projects:
Firebase users have a fixed set of basic properties—a unique ID, a primary email address, a name and a photo URL
The Identifier that you mentioned is typically set to the identifier of the first/primary provider. In practice this means that it's normally the email address of the user (as most providers use that as their primary identifier), unless the user is (or started out as) an anonymous user, in which case it'll be empty.
Unfortunately the details of the "Identifier" field appear to be undocumented.
It appears that if "Link accounts that use the same email" is enabled and the "Identifier" field is populated by email, than the "Identifier" field will be unique. If "Create multiple accounts for each identity provider" is enabled and the "Identifier" field is populated by email, than the "Identifier" field will not always be unique.
In my testing, if the "Identifier" field is populated by a value other than email, it does not need to be unique. To my knowledge, there is no side effects to this, but I have not fully tested it.
In some cases the "Identifier" field may be blank and represented by "---".
The "Identifier" field appears to primarily be a human-readable identifier.