Gets the auth object for the default Firebase app.The default Firebase app must have already been configured or an exception will be raised.

Declaration

+(nonnullFIRAuth*)auth;

Gets the auth object for aFirebaseApp.

Declaration

+(nonnullFIRAuth*)authWithApp:(nonnullFIRApp*)app;

Parameters

Return Value

TheAuth instance associated with the given app.

Gets theFirebaseApp object that this auth object is connected to.

Declaration

@property(nonatomic,weak,readonly,nullable)FIRApp*app;

Synchronously gets the cached current user, or null if there is none.

Declaration

@property(nonatomic,strong,readonly,nullable)FIRUser*currentUser;

The current user language code. This property can be set to the app’s current language by callinguseAppLanguage().

The string used to set this property must be a language code that follows BCP 47.

Declaration

@property(nonatomic,copy,nullable)NSString*languageCode;

Contains settings related to the auth object.

Declaration

@property(nonatomic,copy,nullable)FIRAuthSettings*settings;

The current user access group that the Auth instance is using. Default is nil.

Declaration

@property(nonatomic,copy,readonly,nullable)NSString*userAccessGroup;

Contains shareAuthStateAcrossDevices setting related to the auth object.If userAccessGroup is not set, setting shareAuthStateAcrossDevices will have no effect. You should set shareAuthStateAcrossDevices to it’s desired state and then set the userAccessGroup after.

Declaration

@property(nonatomic)BOOLshareAuthStateAcrossDevices;

The tenant ID of the auth instance. nil if none is available.

Declaration

@property(nonatomic,copy,nullable)NSString*tenantID;

The APNs token used for phone number authentication. The type of the token (production or sandbox) will be automatically detected based on your provisioning profile. This property is available on iOS only.If swizzling is disabled, the APNs Token must be set for phone number auth to work, by either setting this property or by callingsetAPNSToken(_:type:).

Declaration

@property(nonatomic,strong,nullable)NSData*APNSToken;

The custom authentication domain used to handle all sign-in redirects. End-users will see this domain when signing in. This domain must be allowlisted in the Firebase Console.

Declaration

@property(nonatomic,copy,nullable)NSString*customAuthDomain;

Please access auth instances usingAuth.auth() andAuth.auth(app:).

Declaration

-(nonnullinstancetype)init;

Sets thecurrentUser on the receiver to the provided user object.

Declaration

-(void)updateCurrentUser:(nonnullFIRUser*)usercompletion:(nullablevoid(^)(NSError*_Nullable))completion;

Parameters

[Deprecated] Fetches the list of all sign-in methods previously used for the providedemail address. This method returns an empty list whenEmail EnumerationProtectionis enabled, irrespective of the number of authentication methods available for the given email.

Possible error codes:

+`AuthErrorCodeInvalidEmail`-Indicatestheemailaddressismalformed.

SeeAuthErrors for a list of error codes that are common to all API methods.

Declaration

-(void)fetchSignInMethodsForEmail:(nonnullNSString*)emailcompletion:(nullablevoid(^)(NSArray<NSString*>*_Nullable,NSError*_Nullable))completion;

Parameters

Signs in using an email address and password. WhenEmail EnumerationProtectionis enabled, this method fails with FIRAuthErrorCodeInvalidCredentials in case of an invalidemail/password.

Possible error codes:

+`AuthErrorCodeOperationNotAllowed`-Indicatesthatemailandpasswordaccountsarenotenabled.EnablethemintheAuthsectionoftheFirebaseconsole.+`AuthErrorCodeUserDisabled`-Indicatestheuser'saccountisdisabled.+`AuthErrorCodeWrongPassword`-Indicatestheuserattemptedsigninwithanincorrectpassword.+`AuthErrorCodeInvalidEmail`-Indicatestheemailaddressismalformed.

SeeAuthErrors for a list of error codes that are common to all API methods.

Declaration

-(void)signInWithEmail:(nonnullNSString*)emailpassword:(nonnullNSString*)passwordcompletion:(nullablevoid(^)(FIRAuthDataResult*_Nullable,NSError*_Nullable))completion;

Parameters

Signs in using an email address and email sign-in link.

Possible error codes:

+`AuthErrorCodeOperationNotAllowed`-Indicatesthatemailandemailsign-inlinkaccountsarenotenabled.EnablethemintheAuthsectionoftheFirebaseconsole.+`AuthErrorCodeUserDisabled`-Indicatestheuser'saccountisdisabled.+`AuthErrorCodeInvalidEmail`-Indicatestheemailaddressisinvalid.

SeeAuthErrors for a list of error codes that are common to all API methods.

Declaration

-(void)signInWithEmail:(nonnullNSString*)emaillink:(nonnullNSString*)linkcompletion:(nullablevoid(^)(FIRAuthDataResult*_Nullable,NSError*_Nullable))completion;

Parameters

Signs in using the provided auth provider instance. This method is available on iOS, macOS Catalyst, and tvOS only.

Possible error codes:

• AuthErrorCodeOperationNotAllowed - Indicates that email and password accounts are not enabled. Enable them in the Auth section of the Firebase console.
• AuthErrorCodeUserDisabled - Indicates the user’s account is disabled.
• AuthErrorCodeWebNetworkRequestFailed - Indicates that a network request within a SFSafariViewController or WKWebView failed.
• AuthErrorCodeWebInternalError - Indicates that an internal error occurred within a SFSafariViewController or WKWebView.
• AuthErrorCodeWebSignInUserInteractionFailure - Indicates a general failure during a web sign-in flow.
• AuthErrorCodeWebContextAlreadyPresented - Indicates that an attempt was made to present a new web context while one was already being presented.
• AuthErrorCodeWebContextCancelled - Indicates that the URL presentation was cancelled prematurely by the user.
• AuthErrorCodeAccountExistsWithDifferentCredential - Indicates the email asserted by the credential (e.g. the email in a Facebook access token) is already in use by an existing account, that cannot be authenticated with this sign-in method. Call fetchProvidersForEmail for this user’s email and then prompt them to sign in with any of the sign-in providers returned. This error will only be thrown if the “One account per email address” setting is enabled in the Firebase console, under Auth settings.

SeeAuthErrors for a list of error codes that are common to all API methods.

Declaration

-(void)signInWithProvider:(nonnullid<FIRFederatedAuthProvider>)providerUIDelegate:(nullableid<FIRAuthUIDelegate>)UIDelegatecompletion:(nullablevoid(^)(FIRAuthDataResult*_Nullable,NSError*_Nullable))completion;

Parameters

Asynchronously signs in to Firebase with the given 3rd-party credentials (e.g. a Facebook login Access Token, a Google ID Token/Access Token pair, etc.) and returns additional identity provider data.

Possible error codes:

• AuthErrorCodeInvalidCredential - Indicates the supplied credential is invalid.This could happen if it has expired or it is malformed.
• AuthErrorCodeOperationNotAllowed - Indicates that accountswith the identity provider represented by the credential are not enabled.Enable them in the Auth section of the Firebase console.
• AuthErrorCodeAccountExistsWithDifferentCredential - Indicates the email assertedby the credential (e.g. the email in a Facebook access token) is already in use by anexisting account, that cannot be authenticated with this sign-in method. CallfetchProvidersForEmail for this user’s email and then prompt them to sign in with any ofthe sign-in providers returned. This error will only be thrown if the “One account peremail address” setting is enabled in the Firebase console, under Auth settings.
• AuthErrorCodeUserDisabled - Indicates the user’s account is disabled.
• AuthErrorCodeWrongPassword - Indicates the user attempted sign in with anincorrect password, if credential is of the type EmailPasswordAuthCredential.
• AuthErrorCodeInvalidEmail - Indicates the email address is malformed.
• AuthErrorCodeMissingVerificationID - Indicates that the phone auth credential wascreated with an empty verification ID.
• AuthErrorCodeMissingVerificationCode - Indicates that the phone auth credentialwas created with an empty verification code.
• AuthErrorCodeInvalidVerificationCode - Indicates that the phone auth credentialwas created with an invalid verification Code.
• AuthErrorCodeInvalidVerificationID - Indicates that the phone auth credential wascreated with an invalid verification ID.
• AuthErrorCodeSessionExpired - Indicates that the SMS code has expired.

SeeAuthErrors for a list of error codes that are common to all API methods

Declaration

-(void)signInWithCredential:(nonnullFIRAuthCredential*)credentialcompletion:(nullablevoid(^)(FIRAuthDataResult*_Nullable,NSError*_Nullable))completion;

Parameters

Asynchronously creates and becomes an anonymous user.

If there is already an anonymous user signed in, that user will be returned instead. If there is any other existing user signed in, that user will be signed out.

Possible error codes:

+`AuthErrorCodeOperationNotAllowed`-Indicatesthatanonymousaccountsarenotenabled.EnablethemintheAuthsectionoftheFirebaseconsole.

SeeAuthErrors for a list of error codes that are common to all API methods.

Declaration

-(void)signInAnonymouslyWithCompletion:(nullablevoid(^)(FIRAuthDataResult*_Nullable,NSError*_Nullable))completion;

Parameters

Asynchronously signs in to Firebase with the given Auth token.

Possible error codes:

+`AuthErrorCodeInvalidCustomToken`-Indicatesavalidationerrorwiththecustomtoken.+`AuthErrorCodeCustomTokenMismatch`-IndicatestheserviceaccountandtheAPIkeybelongtodifferentprojects.

SeeAuthErrors for a list of error codes that are common to all API methods.

Declaration

-(void)signInWithCustomToken:(nonnullNSString*)tokencompletion:(nullablevoid(^)(FIRAuthDataResult*_Nullable,NSError*_Nullable))completion;

Parameters

Creates and, on success, signs in a user with the given email address and password.

Possible error codes:

+`AuthErrorCodeInvalidEmail`-Indicatestheemailaddressismalformed.+`AuthErrorCodeEmailAlreadyInUse`-Indicatestheemailusedtoattemptsignupalreadyexists.CallfetchProvidersForEmailtocheckwhichsign-inmechanismstheuserused,andprompttheusertosigninwithoneofthose.+`AuthErrorCodeOperationNotAllowed`-Indicatesthatemailandpasswordaccountsarenotenabled.EnablethemintheAuthsectionoftheFirebaseconsole.+`AuthErrorCodeWeakPassword`-Indicatesanattempttosetapasswordthatisconsideredtooweak.TheNSLocalizedFailureReasonErrorKeyfieldintheNSError.userInfodictionaryobjectwillcontainmoredetailedexplanationthatcanbeshowntotheuser.

SeeAuthErrors for a list of error codes that are common to all API methods.

Declaration

-(void)createUserWithEmail:(nonnullNSString*)emailpassword:(nonnullNSString*)passwordcompletion:(nullablevoid(^)(FIRAuthDataResult*_Nullable,NSError*_Nullable))completion;

Parameters

Resets the password given a code sent to the user outside of the app and a new password for the user.

Possible error codes:

+`AuthErrorCodeWeakPassword`-Indicatesanattempttosetapasswordthatisconsideredtooweak.+`AuthErrorCodeOperationNotAllowed`-Indicatestheadministratordisabledsigninwiththespecifiedidentityprovider.+`AuthErrorCodeExpiredActionCode`-IndicatestheOOBcodeisexpired.+`AuthErrorCodeInvalidActionCode`-IndicatestheOOBcodeisinvalid.

SeeAuthErrors for a list of error codes that are common to all API methods.

Declaration

-(void)confirmPasswordResetWithCode:(nonnullNSString*)codenewPassword:(nonnullNSString*)newPasswordcompletion:(nonnullvoid(^)(NSError*_Nullable))completion;

Parameters

Checks the validity of an out of band code.

Declaration

-(void)checkActionCode:(nonnullNSString*)codecompletion:(nonnullvoid(^)(FIRActionCodeInfo*_Nullable,NSError*_Nullable))completion;

Parameters

Checks the validity of a verify password reset code.

Declaration

-(void)verifyPasswordResetCode:(nonnullNSString*)codecompletion:(nonnullvoid(^)(NSString*_Nullable,NSError*_Nullable))completion;

Parameters

Applies out of band code.

This method will not work for out of band codes which require an additional parameter, such as password reset code.

Declaration

-(void)applyActionCode:(nonnullNSString*)codecompletion:(nonnullvoid(^)(NSError*_Nullable))completion;

Parameters

Initiates a password reset for the given email address. This method does not throw anerror when there’s no user account with the given email address andEmail EnumerationProtectionis enabled.

Possible error codes:

+`AuthErrorCodeInvalidRecipientEmail`-Indicatesaninvalidrecipientemailwassentintherequest.+`AuthErrorCodeInvalidSender`-Indicatesaninvalidsenderemailissetintheconsoleforthisaction.+`AuthErrorCodeInvalidMessagePayload`-Indicatesaninvalidemailtemplateforsendingupdateemail.

Declaration

-(void)sendPasswordResetWithEmail:(nonnullNSString*)emailcompletion:(nullablevoid(^)(NSError*_Nullable))completion;

Parameters

Initiates a password reset for the given email address andActionCodeSettings object.

Possible error codes:

+`AuthErrorCodeInvalidRecipientEmail`-Indicatesaninvalidrecipientemailwassentintherequest.+`AuthErrorCodeInvalidSender`-Indicatesaninvalidsenderemailissetintheconsoleforthisaction.+`AuthErrorCodeInvalidMessagePayload`-Indicatesaninvalidemailtemplateforsendingupdateemail.+`AuthErrorCodeMissingIosBundleID`-IndicatesthattheiOSbundleIDismissingwhen`handleCodeInApp`issettotrue.+`AuthErrorCodeMissingAndroidPackageName`-Indicatesthattheandroidpackagenameismissingwhenthe`androidInstallApp`flagissettotrue.+`AuthErrorCodeUnauthorizedDomain`-IndicatesthatthedomainspecifiedinthecontinueURLisnotallowlistedintheFirebaseconsole.+`AuthErrorCodeInvalidContinueURI`-IndicatesthatthedomainspecifiedinthecontinueURLisnotvalid.

Declaration

-(void)sendPasswordResetWithEmail:(nonnullNSString*)emailactionCodeSettings:(nonnullFIRActionCodeSettings*)actionCodeSettingscompletion:(nullablevoid(^)(NSError*_Nullable))completion;

Parameters

Sends a sign in with email link to provided email address.

Declaration

-(void)sendSignInLinkToEmail:(nonnullNSString*)emailactionCodeSettings:(nonnullFIRActionCodeSettings*)actionCodeSettingscompletion:(nullablevoid(^)(NSError*_Nullable))completion;

Parameters

Signs out the current user.

Possible error codes:

+`AuthErrorCodeKeychainError`-Indicatesanerroroccurredwhenaccessingthekeychain.The`NSLocalizedFailureReasonErrorKey`fieldinthe`userInfo`dictionarywillcontainmoreinformationabouttheerrorencountered.

Declaration

-(BOOL)signOut:(NSError*_Nullable*_Nullable)error;

Parameters

Return Value

@YES when the sign out request was successful. @NO otherwise.

Checks if link is an email sign-in link.

Declaration

-(BOOL)isSignInWithEmailLink:(nonnullNSString*)link;

Parameters

Return Value

Returns true when the link passed matches the expected format of an email sign-in link.

Registers a block as an “auth state did change” listener. To be invoked when:

• The block is registered as a listener,
• A user with a different UID from the current user has signed in, or

• The current user has signed out.

The block is invoked immediately after adding it according to it’s standard invocation semantics, asynchronously on the main thread. Users should pay special attention to making sure the block does not inadvertently retain objects which should not be retained by the long-lived block. The block itself will be retained byAuth until it is unregistered or until theAuth instance is otherwise deallocated.

Declaration

-(nonnullFIRAuthStateDidChangeListenerHandle)addAuthStateDidChangeListener:(nonnullvoid(^)(FIRAuth*_Nonnull,FIRUser*_Nullable))listener;

Parameters

Return Value

A handle useful for manually unregistering the block as a listener.

Unregisters a block as an “auth state did change” listener.

Declaration

-(void)removeAuthStateDidChangeListener:(nonnullFIRAuthStateDidChangeListenerHandle)listenerHandle;

Parameters

Registers a block as an “ID token did change” listener. To be invoked when:

• The block is registered as a listener,
• A user with a different UID from the current user has signed in,
• The ID token of the current user has been refreshed, or

• The current user has signed out.

The block is invoked immediately after adding it according to it’s standard invocation semantics, asynchronously on the main thread. Users should pay special attention to making sure the block does not inadvertently retain objects which should not be retained by the long-lived block. The block itself will be retained byAuth until it is unregistered or until theAuth instance is otherwise deallocated.

Declaration

-(nonnullFIRIDTokenDidChangeListenerHandle)addIDTokenDidChangeListener:(nonnullvoid(^)(FIRAuth*_Nonnull,FIRUser*_Nullable))listener;

Parameters

Return Value

A handle useful for manually unregistering the block as a listener.

Unregisters a block as an “ID token did change” listener.

Declaration

-(void)removeIDTokenDidChangeListener:(nonnullFIRIDTokenDidChangeListenerHandle)listenerHandle;

Parameters

SetslanguageCode to the app’s current language.

Declaration

-(void)useAppLanguage;

Configures Firebase Auth to connect to an emulated host instead of the remote backend.

Declaration

-(void)useEmulatorWithHost:(nonnullNSString*)hostport:(NSInteger)port;

Whether the specific URL is handled byAuth . This method is available on iOS only.

Declaration

-(BOOL)canHandleURL:(nonnullNSURL*)URL;

Parameters

Return Value

Whether or the URL is handled. YES means the URL is for Firebase Authso the caller should ignore the URL from further processing, and NO means thethe URL is for the app (or another library) so the caller should continue handlingthis URL as usual.If swizzling is disabled, URLs received by the application delegate must be forwardedto this method for phone number auth to work.

Sets the APNs token along with its type. This method is available on iOS only.If swizzling is disabled, the APNs Token must be set for phone number auth to work, by either setting calling this method or by setting theAPNSToken property.

Declaration

-(void)setAPNSToken:(nonnullNSData*)tokentype:(FIRAuthAPNSTokenType)type;

Whether the specific remote notification is handled byAuth . This method is available on iOS only.

Declaration

-(BOOL)canHandleNotification:(nonnullNSDictionary*)userInfo;

Parameters

Return Value

Whether or the notification is handled. A return value of true means the notification is for Firebase Auth so the caller should ignore the notification from further processing, and false means the notification is for the app (or another library) so the callershould continue handling this notification as usual.If swizzling is disabled, related remote notifications must be forwarded to this method for phone number auth to work.

Revoke the users token with authorization code.

Declaration

-(void)revokeTokenWithAuthorizationCode:(nonnullNSString*)authorizationCodecompletion:(nullablevoid(^)(NSError*_Nullable))completion;

Parameters

Initializes reCAPTCHA using the settings configured for the project ortenant.

If you change the tenant ID of theAuth instance, the configuration will bereloaded.

Declaration

-(void)initializeRecaptchaConfigWithCompletion:(nullablevoid(^)(NSError*_Nullable))completion;

Switch userAccessGroup and current user to the given accessGroup and the user stored in it.

Declaration

-(BOOL)useUserAccessGroup:(NSString*_Nullable)accessGrouperror:(NSError*_Nullable*_Nullable)outError;

Get the stored user in the given accessGroup.

Declaration

-(nullableFIRUser*)getStoredUserForAccessGroup:(NSString*_Nullable)accessGrouperror:(NSError*_Nullable*_Nullable)outError;