FirebaseAuth

public void addAuthStateListener(@NonNullFirebaseAuth.AuthStateListener listener)

Registers a listener to changes in the user authentication state. There can be more than one listener registered at the same time for one or moreFirebaseAuth instances.

The listeners call back in the UI thread, on the following events:

• Right after the listener has been registered
• When a user signs in
• When the current user signs out
• When the current user changes

It is a recommended practice to always listen to sign-out events, as you may want to prompt the user to sign in again and maybe restrict the information or actions they have access to.

UseremoveAuthStateListener to unregister a listener.

SeeaddIdTokenListener if you want to listen to token refreshes.

See Also:AuthStateListener

public void addIdTokenListener(@NonNullFirebaseAuth.IdTokenListener listener)

Registers a listener to changes in the token authentication state. There can be more than one listener registered at the same time for one or moreFirebaseAuth instances.

The listeners call back in the UI thread, on the following events:

• Right after the listener has been registered
• When a user signs in
• When the current user signs out
• When the current user changes
• When there is a change in the current user's token

It is a recommended practice to always listen to sign-out events, as you may want to prompt the user to sign in again and maybe restrict the information or actions they have access to.

UseremoveIdTokenListener to unregister a listener.

SeeaddAuthStateListener if you do not want to listen to token refreshes.

See Also:IdTokenListener

public @NonNullTask<Void> applyActionCode(@NonNullString code)

Applies the givencode, which can be any out of band code which is valid according tocheckActionCode that does not also passverifyPasswordResetCode, which requires an additional parameter.

public @NonNullTask<ActionCodeResult> checkActionCode(@NonNullString code)

Checks that thecode given is valid. This code will have been generated bysendPasswordResetEmail orsendEmailVerification valid for a single use.

public @NonNullTask<Void> confirmPasswordReset(@NonNullString code, @NonNullString newPassword)

Changes the user's password tonewPassword for the account for which thecode is valid. Code validity can be checked withverifyPasswordResetCode. This use case is only valid for signed-out users, and behavior is undefined for signed-in users. Password changes for signed-in users should be made usingupdatePassword.

• IllegalArgumentException thrown if passed a nullcode or newPassword
• FirebaseAuthActionCodeException thrown if thecode is malformed or has expired.
• FirebaseAuthInvalidUserException thrown if the user corresponding to the given code has been disabled, or if there is no user corresponding to the given code.
• FirebaseAuthWeakPasswordException thrown if the givennewPassword is too weak.

See Also:

• verifyPasswordResetCode
• sendPasswordResetEmail

public @NonNullTask<AuthResult> createUserWithEmailAndPassword(
    @NonNullString email,
    @NonNullString password
)

Tries to create a new user account with the given email address and password. If successful, it also signs the user in into the app.

Access the signed-in user withgetCurrentUser.

Upon successful completion, this operation triggers anonIdTokenChanged event in all registered s and anonAuthStateChanged event in all registeredAuthStateListeners.

Important: you must enable Email &Password accounts in the Firebase console before you can use this method.

• FirebaseAuthWeakPasswordException thrown if the password is not strong enough
• FirebaseAuthInvalidCredentialsException thrown if theemail address is malformed
• FirebaseAuthUserCollisionException thrown if there already exists an account with the givenemail address

See Also:

• signInWithEmailAndPassword
• signInWithCredential
• signInAnonymously
• signInWithCustomToken

public @NonNullTask<SignInMethodQueryResult> fetchSignInMethodsForEmail(@NonNullString email)

Migrating off of this method is recommended as a security best-practice. Learn more in the Identity Platform documentation forEmail Enumeration Protection.

Returns a list of signin methods that can be used to sign in a given user (identified by its main email address). This will match thegetSignInMethod for the credential you would generate for the appropriate signin mechanism.

This method is useful when you support multiple authentication mechanisms if you want to implement an email-first authentication flow. It is also useful to resolve a thrown onsignInWithCredential.

• FirebaseAuthInvalidCredentialsException thrown if theemail address is malformed

public @NonNullFirebaseApp getApp()

Returns theFirebaseApp instance to which thisFirebaseAuth belongs.

public @NullableFirebaseUser getCurrentUser()

Returns the currently signed-inFirebaseUser or null if there is none.

UsegetCurrentUser() != null to check if a user is signed in.

public @NullableString getCustomAuthDomain()

Returns the custom auth domain previously set on this instance ornull if none was set.

public @NonNullFirebaseAuthSettings getFirebaseAuthSettings()

Returns theFirebaseAuthSettings instance for thisFirebaseAuth instance.

@Keep
public static @NonNullFirebaseAuth getInstance()

Returns an instance of this class corresponding to the defaultFirebaseApp instance.

Note: Firebase Authentication does not currently support Android Direct Boot.

For Applications that use Direct Boot, check if android.content.Context.isDeviceProtectedStorage isfalse before you callFirebaseAuth.getInstance().

@Keep
public static @NonNullFirebaseAuth getInstance(@NonNullFirebaseApp firebaseApp)

Returns an instance of this class corresponding to the givenFirebaseApp instance.

Note: Firebase Authentication does not currently support Android Direct Boot.

For Applications that use Direct Boot, check if android.content.Context.isDeviceProtectedStorage isfalse before you callFirebaseAuth.getInstance(firebaseApp).

public @NullableString getLanguageCode()

Returns the language code set insetLanguageCode.

public @NullableTask<AuthResult> getPendingAuthResult()

Returns aTask wrapping anAuthResult. This will return a non-null value if your app launches a web sign-in flow and the OS cleans up your hostingActivity while in the background (likely due to a low-memory event). The returned result is the value thatstartActivityForSignInWithProvider would have returned, which includes any Exceptions thrown. Otherwise, returns null.

This method will only return a non-null result for a sign-in once. A non-null value will only be present for suitably recent sign-ins to help prevent false positive sign-ins.

public @NullableString getTenantId()

Returns the Tenant ID previously set on this instance ornull if none was set.

public @NonNullTask<Void> initializeRecaptchaConfig()

Initializes the reCAPTCHA Enterprise client proactively to enhance reCAPTCHA signal collection and to complete reCAPTCHA-protected flows in a single attempt.

• FirebaseAuthException thrown on initialization failures. Common reasons are:
  • running on an unsupported API version (< 19, KITKAT).
  • the reCAPTCHA config fetch API call failed.
  • network errors causing other API call/download failures.

public boolean isSignInWithEmailLink(@NonNullString link)

Determines if the given link is a link intended for use withgetCredentialWithLink. These links are generated bysendSignInLinkToEmail.

public void removeAuthStateListener(
    @NonNullFirebaseAuth.AuthStateListener listener
)

Unregisters a listener to authentication changes.

See Also:AuthStateListener

public void removeIdTokenListener(@NonNullFirebaseAuth.IdTokenListener listener)

Unregisters a listener to authentication changes.

See Also:IdTokenListener

public @NonNullTask<Void> revokeAccessToken(@NonNullString accessToken)

Revokes the providedaccessToken. Currently supports revoking Apple-issuedaccessToken only.

public @NonNullTask<Void> sendPasswordResetEmail(@NonNullString email)

CallssendPasswordResetEmail without any ActionCodeSettings.

public @NonNullTask<Void> sendPasswordResetEmail(
    @NonNullString email,
    @NullableActionCodeSettings actionCodeSettings
)

Triggers the Firebase Authentication backend to send a password-reset email to the given email address, which must correspond to an existing user of your app. Takes in an which allows linking back to your app from the sent email.

• FirebaseAuthInvalidUserException thrown if there is no user corresponding to the givenemail address
• No exception will be thrown in the above case, whenEmail Enumeration Protection is enabled.

public @NonNullTask<Void> sendSignInLinkToEmail(
    @NonNullString email,
    @NonNullActionCodeSettings actionCodeSettings
)

Sends an email to the specified email which will contain a link to be used to sign in the user.

public void setCustomAuthDomain(@NonNullString domain)

Sets the custom auth domain that is used to handle all sign-in redirects. End-users will see this domain when signing in.

The domain must be allowlisted in the Firebase Console. If the domain contains a scheme (https:// orhttp://) or trailing slashes, they will be stripped off.

public @NonNullTask<Void> setFirebaseUIVersion(@NullableString firebaseUIVersion)

For internal use in FirebaseUI only.

public void setLanguageCode(@NonNullString languageCode)

Sets the user-facing language code for auth operations that can be internationalized, such assendEmailVerification. This language code should follow the conventions defined by the IETF in BCP47.

public void setTenantId(@NonNullString tenantId)

Sets the Tenant ID to be passed on all future sign-in/sign-up operations and sign in or sign up users to the specified project as identified by the tenant. If you change this field, future sign-in/sign-ups will contain the new value.

This is set to null as default and users are signed into the agent project.

Note: this is different from what the current user's Tenant ID is; you can change this instance's Tenant ID without affecting the current user.

public @NonNullTask<AuthResult> signInAnonymously()

Signs in the user anonymously without requiring any credential.

This method creates a new account in your Firebase Authentication system, except in the case where there was already an anonymous user signed in into this app. Access the signed-in user withgetCurrentUser.

Upon successful completion, this operation triggers anonIdTokenChanged event in all registered s and anonAuthStateChanged event in all registeredAuthStateListeners.

Anonymous users do not require any credential, and are useful in situations where you want to persist information about your users before asking them to sign in. For example, they may be useful when implementing a signed-out shopping cart in an e-commerce application.

Due to the unauthenticated nature of this kind of user, they are not transferrable across devices. In order to allow your app's users to keep their information, ask them to provide some other authentication credentials, and link them to the current user withlinkWithCredential.

Important: you must enable Anonymous accounts in the Firebase console before being able to use them.

• signInWithEmailAndPassword
• createUserWithEmailAndPassword
• signInWithCredential
• signInWithCustomToken

public @NonNullTask<AuthResult> signInWithCredential(@NonNullAuthCredential credential)

Tries to sign in a user with the givenAuthCredential.

Use this method to sign in a user into your Firebase Authentication system. First retrieve thecredential either directly from the user, in case ofEmailAuthCredential, or from a supported authentication SDK, such as Google Sign-In or Facebook. Later access the signed-in user withgetCurrentUser.

For allAuthCredential types exceptEmailAuthCredential, this method will create an account for the user in the case that it didn't exist before.

Important: you must configure the authentication providers in the Firebase console before you can use them.

• FirebaseAuthInvalidUserException thrown if the user account you are trying to sign in to has been disabled. Also thrown ifcredential is an EmailAuthCredential with an email address that does not correspond to an existing user.
• FirebaseAuthInvalidCredentialsException thrown if thecredential is malformed or has expired. Ifcredential instanceof EmailAuthCredential it will be thrown if the password is incorrect.
• FirebaseAuthUserCollisionException thrown if there already exists an account with the email address asserted by thecredential. Resolve this case by callingfetchSignInMethodsForEmail and then asking the user to sign in using one of them.

See Also:

• signInWithEmailAndPassword
• createUserWithEmailAndPassword
• signInAnonymously
• signInWithCustomToken

public @NonNullTask<AuthResult> signInWithCustomToken(@NonNullString token)

Tries to sign in a user with a given Custom Token.

Use this method after you retrieve a Firebase Auth Custom Token from your server, to sign in a user into your Firebase Authentication system. Access the signed-in user withgetCurrentUser.

Upon successful completion, this operation triggers anonIdTokenChanged event in all registered s and anonAuthStateChanged event in all registeredAuthStateListeners.

This operation might create an account if theuid specified in the token corresponds to a user without a record in the system.

Read how to use Custom Token authentication and the cases where it is useful inthe guides.

• FirebaseAuthInvalidCredentialsException thrown if thetoken format is incorrect or if it corresponds to a different Firebase App

• signInWithEmailAndPassword
• createUserWithEmailAndPassword
• signInWithCredential
• signInAnonymously

public @NonNullTask<AuthResult> signInWithEmailAndPassword(@NonNullString email, @NonNullString password)

Tries to sign in a user with the given email address and password.

Access the signed-in user withgetCurrentUser.

Upon successful completion, this operation triggers anonIdTokenChanged event in all registered s and anonAuthStateChanged event in all registeredAuthStateListeners.

This is equivalent to callingsignInWithCredential with an generated bygetCredential.

Important: you must enable Email &Password accounts in the Firebase console before being able to use this method.

• FirebaseAuthInvalidUserException thrown if the user account corresponding toemail does not exist or has been disabled
• FirebaseAuthInvalidCredentialsException thrown if thepassword is wrong
• WhenEmail Enumeration Protection is enabled,FirebaseAuthInvalidCredentialsException is thrown if theemail orpassword is invalid.

See also:

• createUserWithEmailAndPassword
• signInWithCredential
• signInAnonymously
• signInWithCustomToken

public @NonNullTask<AuthResult> signInWithEmailLink(@NonNullString email, @NonNullString link)

Tries to sign in a user with the given email address and link. This link should be generated bysendSignInLinkToEmail.

Access the signed-in user withgetCurrentUser.

Upon successful completion, this operation triggers anonIdTokenChanged event in all registered s and anonAuthStateChanged event in all registeredAuthStateListeners.

This is equivalent to callingsignInWithCredential with an generated bygetCredentialWithLink.

Important: you must enable Passwordless sign-in in the Firebase console before being able to use this method.

• FirebaseAuthInvalidUserException thrown if the user account corresponding toemail does not exist or has been disabled
• FirebaseAuthInvalidCredentialsException thrown if thepassword is wrong

See also:

• createUserWithEmailAndPassword
• signInWithCredential
• signInAnonymously
• signInWithCustomToken

public void signOut()

Signs out the current user and clears it from the disk cache.

Upon successful completion, this operation triggers anonIdTokenChanged event in all registered s and anonAuthStateChanged event in all registeredAuthStateListeners.

public @NonNullTask<AuthResult> startActivityForSignInWithProvider(
    @NonNullActivity activity,
    @NonNullFederatedAuthProvider federatedAuthProvider
)

Signs in the user using the mobile browser (either a Custom Chrome Tab or the device's default browser) for the givenprovider.

Note: this call has a UI associated with it, unlike the majority of calls in FirebaseAuth.

• FirebaseAuthInvalidCredentialsException thrown if the credential generated from the flow is malformed or expired.
• FirebaseAuthInvalidUserException thrown if the user has been disabled by an administrator.
• FirebaseAuthUserCollisionException thrown if the email that keys the user that is signing in is already in use.
• FirebaseAuthWebException thrown if there is an operation already in progress, the pending operation was canceled, there is a problem with 3rd party cookies in the browser, or some other error in the web context has occurred.
• FirebaseAuthException thrown if signing in via this method has been disabled in the Firebase Console, or if theprovider passed is configured improperly.

public @NonNullTask<Void> updateCurrentUser(@NonNullFirebaseUser user)

Sets the current user to a copy of the given user, but associated with this 'sFirebaseApp. If the given user isn't for this project, then a will be returned via the Task.

public void useAppLanguage()

Sets the user-facing language code to be the default app language.

public void useEmulator(@NonNullString host, int port)

Modifies this FirebaseAuth instance to communicate with the Firebase Authentication emulator.

Note: this must be called before this instance has been used to do any operations.

public @NonNullTask<String> verifyPasswordResetCode(@NonNullString code)

Checks that thecode is a valid password reset out of band code. This code will have been generated by a call tosendPasswordResetEmail, and is valid for a single use.