Authenticate with Firebase Anonymously Using JavaScript

You can useFirebase Authentication to create and use temporary anonymous accountsto authenticate with Firebase. These temporary anonymous accounts can be used toallow users who haven't yet signed up to your app to work with data protectedby security rules. If an anonymous user decides to sign up to your app, you canlink their sign-in credentials to the anonymousaccount so that they can continue to work with their protected data infuture sessions.

Before you begin

  1. Add Firebase to your JavaScript project.
  2. If you haven't yet connected your app to your Firebase project, do so from theFirebase console.
  3. Enable anonymous auth:
    1. In theFirebase console, open theAuth section.
    2. On theSign-in Methods page, enable theAnonymous sign-in method.
    3. Optional: If you've upgraded your project toFirebase Authentication with Identity Platform, you can enable automatic clean-up. When you enable this setting, anonymous accounts older than 30 days will be automatically deleted. In projects with automatic clean-up enabled, anonymous authentication will no longer count toward usage limits or billing quotas. SeeAutomatic clean-up.

Authenticate with Firebase anonymously

When a signed-out user uses an app feature that requires authentication withFirebase, sign in the user anonymously by completing the following steps:

  1. Call thesignInAnonymously method:

    Web

    import{getAuth,signInAnonymously}from"firebase/auth";constauth=getAuth();signInAnonymously(auth).then(()=>{// Signed in..}).catch((error)=>{consterrorCode=error.code;consterrorMessage=error.message;// ...});

    Web

    firebase.auth().signInAnonymously().then(()=>{// Signed in..}).catch((error)=>{varerrorCode=error.code;varerrorMessage=error.message;// ...});
    This is also where you can catch and handle errors. For a list of error codes have a look at theAuth Reference Docs.
  2. If thesignInAnonymously method completes without error, the observer registered in theonAuthStateChanged will trigger and you can get the anonymous user's account data from theUser object:

    Web

    import{getAuth,onAuthStateChanged}from"firebase/auth";constauth=getAuth();onAuthStateChanged(auth,(user)=>{if(user){// User is signed in, see docs for a list of available properties// https://firebase.google.com/docs/reference/js/auth.userconstuid=user.uid;// ...}else{// User is signed out// ...}});

    Web

    firebase.auth().onAuthStateChanged((user)=>{if(user){// User is signed in, see docs for a list of available properties// https://firebase.google.com/docs/reference/js/v8/firebase.Uservaruid=user.uid;// ...}else{// User is signed out// ...}});
To protect your project from abuse, Firebase limits the number of newemail/password and anonymous sign-ups that your application can have from thesame IP address in a short period of time. You can request and scheduletemporary changes to this quota from theFirebase console.

Convert an anonymous account to a permanent account

When an anonymous user signs up to your app, you might want to allow them tocontinue their work with their new account—for example, you might want tomake the items the user added to their shopping cart before they signed upavailable in their new account's shopping cart. To do so, complete the followingsteps:

  1. When the user signs up, complete the sign-in flow for the user's authentication provider up to, but not including, calling one of theAuth.signInWith methods. For example, get the user's Google ID token, Facebook access token, or email address and password.

  2. Get anAuthCredential for the new authentication provider:

    Google Sign-In

    Web

    import{GoogleAuthProvider}from"firebase/auth";constcredential=GoogleAuthProvider.credential(googleUser.getAuthResponse().id_token);

    Web

    varcredential=firebase.auth.GoogleAuthProvider.credential(googleUser.getAuthResponse().id_token);
    Facebook Login

    Web

    import{FacebookAuthProvider}from"firebase/auth";constcredential=FacebookAuthProvider.credential(response.authResponse.accessToken);

    Web

    varcredential=firebase.auth.FacebookAuthProvider.credential(response.authResponse.accessToken);
    Email-password sign-in

    Web

    import{EmailAuthProvider}from"firebase/auth";constcredential=EmailAuthProvider.credential(email,password);

    Web

    varcredential=firebase.auth.EmailAuthProvider.credential(email,password);

  3. Pass theAuthCredential object to the sign-in user'slink method:

    Web

    import{getAuth,linkWithCredential}from"firebase/auth";constauth=getAuth();linkWithCredential(auth.currentUser,credential).then((usercred)=>{constuser=usercred.user;console.log("Anonymous account successfully upgraded",user);}).catch((error)=>{console.log("Error upgrading anonymous account",error);});

    Web

    auth.currentUser.linkWithCredential(credential).then((usercred)=>{varuser=usercred.user;console.log("Anonymous account successfully upgraded",user);}).catch((error)=>{console.log("Error upgrading anonymous account",error);});

If the call tolink succeeds, the user's new account canaccess the anonymous account's Firebase data.

This technique can also be used tolink any two accounts.

Automatic clean-up

If you've upgraded your project toFirebase Authentication with Identity Platform, you can enable automatic clean-up in theFirebase console. When you enable this feature you allow Firebase to automatically delete anonymous accounts older than 30 days. In projects with automatic clean-up enabled, anonymous authentication will not count toward usage limits or billing quotas.

  • Any anonymous accounts created after enabling automatic clean-up might be automatically deleted any time after 30 days post-creation.
  • Existing anonymous accounts will be eligible for automatic deletion 30 days after enabling automatic clean-up.
  • If you turn automatic clean-up off, any anonymous accounts scheduled to be deleted will remain scheduled to be deleted.
  • If you "upgrade" an anonymous account by linking it to any sign-in method, the account will not get automatically deleted.

If you want to see how many users will be affected before you enable this feature, and you'veupgraded your project toFirebase Authentication with Identity Platform, you can filter byis_anon inCloudLogging.

Next steps

Now that users can authenticate with Firebase, you can control their access todata in your Firebase database usingFirebase rules.

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2026-02-05 UTC.