Secure data in Cloud Firestore
Cloud Firestore offers robust access management and authenticationthrough two different methods, depending on the client libraries you use.
Formobile and web client libraries, useFirebase Authentication andCloud Firestore Security Rules to handle serverless authentication,authorization, and data validation. Learn how to secure your data for theAndroid, Apple, and Web client libraries withCloud Firestore Security Rules.
UseApp Check to help ensurethat only your app can access yourCloud Firestore data.
For your apps that useCloud Storage for Firebase, useCloud Firestore todefine conditions for access to yourCloud Storage resources in databasedocuments that can beaccessed byCloud Storage Security Rules.
Forserver client libraries, use Identity and Access Management (IAM)to manage access to your database. Learn howto secure your data for the Java, Python, Node.js, and Go client librarieswithIAM.
Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2026-02-18 UTC.