How to use a Firebase app without google_services.json?










0














I have the following issue. I have created a project using Firebase as my backend and someone is asking me for this project. I've sent him the project but without the google_services.json file. From know reasons, Android Studio is complaining that is unable to run the project because:



google_services.json file is missing


Is it save to send the google_services.json as well? If I'll send the file, will he be able to see all my databases? Or how can my friend use the app that I've sent to him?






android firebase firebase-realtime-database google-cloud-firestore







share|improve this question





















  • I don't think it's a bad thing to send your google_services.json.. since anybody could decompile your apk anytime. The main security you should do is the rules in firebase
    – Christophe Gudlake
    Nov 12 '18 at 17:20










  • You think or are you sure? There is no authentication in that app. There are only some reads.
    – Ioana P.
    Nov 12 '18 at 17:34







  • 1




    ok then just fix your firebase rules... but hey.. how do you manage your rules if there is no Auth ? read true, write false ?
    – Christophe Gudlake
    Nov 12 '18 at 17:38











  • I don't. That's why I said that there is no auth, it is just a simple app that reads some data.
    – Ioana P.
    Nov 12 '18 at 17:39















0














I have the following issue. I have created a project using Firebase as my backend and someone is asking me for this project. I've sent him the project but without the google_services.json file. From know reasons, Android Studio is complaining that is unable to run the project because:



google_services.json file is missing


Is it save to send the google_services.json as well? If I'll send the file, will he be able to see all my databases? Or how can my friend use the app that I've sent to him?






android firebase firebase-realtime-database google-cloud-firestore







share|improve this question





















  • I don't think it's a bad thing to send your google_services.json.. since anybody could decompile your apk anytime. The main security you should do is the rules in firebase
    – Christophe Gudlake
    Nov 12 '18 at 17:20










  • You think or are you sure? There is no authentication in that app. There are only some reads.
    – Ioana P.
    Nov 12 '18 at 17:34







  • 1




    ok then just fix your firebase rules... but hey.. how do you manage your rules if there is no Auth ? read true, write false ?
    – Christophe Gudlake
    Nov 12 '18 at 17:38











  • I don't. That's why I said that there is no auth, it is just a simple app that reads some data.
    – Ioana P.
    Nov 12 '18 at 17:39













0












0








0







I have the following issue. I have created a project using Firebase as my backend and someone is asking me for this project. I've sent him the project but without the google_services.json file. From know reasons, Android Studio is complaining that is unable to run the project because:



google_services.json file is missing


Is it save to send the google_services.json as well? If I'll send the file, will he be able to see all my databases? Or how can my friend use the app that I've sent to him?






android firebase firebase-realtime-database google-cloud-firestore







share|improve this question













I have the following issue. I have created a project using Firebase as my backend and someone is asking me for this project. I've sent him the project but without the google_services.json file. From know reasons, Android Studio is complaining that is unable to run the project because:



google_services.json file is missing


Is it save to send the google_services.json as well? If I'll send the file, will he be able to see all my databases? Or how can my friend use the app that I've sent to him?






android firebase firebase-realtime-database google-cloud-firestore




android firebase firebase-realtime-database google-cloud-firestore






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 12 '18 at 17:13









Ioana P.

361419




361419











  • I don't think it's a bad thing to send your google_services.json.. since anybody could decompile your apk anytime. The main security you should do is the rules in firebase
    – Christophe Gudlake
    Nov 12 '18 at 17:20










  • You think or are you sure? There is no authentication in that app. There are only some reads.
    – Ioana P.
    Nov 12 '18 at 17:34







  • 1




    ok then just fix your firebase rules... but hey.. how do you manage your rules if there is no Auth ? read true, write false ?
    – Christophe Gudlake
    Nov 12 '18 at 17:38











  • I don't. That's why I said that there is no auth, it is just a simple app that reads some data.
    – Ioana P.
    Nov 12 '18 at 17:39
















  • I don't think it's a bad thing to send your google_services.json.. since anybody could decompile your apk anytime. The main security you should do is the rules in firebase
    – Christophe Gudlake
    Nov 12 '18 at 17:20










  • You think or are you sure? There is no authentication in that app. There are only some reads.
    – Ioana P.
    Nov 12 '18 at 17:34







  • 1




    ok then just fix your firebase rules... but hey.. how do you manage your rules if there is no Auth ? read true, write false ?
    – Christophe Gudlake
    Nov 12 '18 at 17:38











  • I don't. That's why I said that there is no auth, it is just a simple app that reads some data.
    – Ioana P.
    Nov 12 '18 at 17:39















I don't think it's a bad thing to send your google_services.json.. since anybody could decompile your apk anytime. The main security you should do is the rules in firebase
– Christophe Gudlake
Nov 12 '18 at 17:20




I don't think it's a bad thing to send your google_services.json.. since anybody could decompile your apk anytime. The main security you should do is the rules in firebase
– Christophe Gudlake
Nov 12 '18 at 17:20












You think or are you sure? There is no authentication in that app. There are only some reads.
– Ioana P.
Nov 12 '18 at 17:34





You think or are you sure? There is no authentication in that app. There are only some reads.
– Ioana P.
Nov 12 '18 at 17:34





1




1




ok then just fix your firebase rules... but hey.. how do you manage your rules if there is no Auth ? read true, write false ?
– Christophe Gudlake
Nov 12 '18 at 17:38





ok then just fix your firebase rules... but hey.. how do you manage your rules if there is no Auth ? read true, write false ?
– Christophe Gudlake
Nov 12 '18 at 17:38













I don't. That's why I said that there is no auth, it is just a simple app that reads some data.
– Ioana P.
Nov 12 '18 at 17:39




I don't. That's why I said that there is no auth, it is just a simple app that reads some data.
– Ioana P.
Nov 12 '18 at 17:39












2 Answers
2






active

oldest

votes


















2















Is it save to send the google_services.json as well?




The google_services.json contains the configuration data that your app needs to find its Firebase project on the servers. Is does not automatically allow access to the project though.




If I'll send the [google_services.json] file, will he be able to see all my databases?




That depends on the security rules of your databases. If you've set them to be publicly readable, then your friend will be able to read/write to them. But so will everyone else who happens to discover the URL/ID of your project.



To prevent that you'll want to set specific access rules for your databases. To get started on these, I highly recommend reading the documentation on security rules for Realtime Database and Cloud Firestore. There's also a great video from the Firebase Summit last month: Five tips to secure your app.






share|improve this answer




















  • Yes, this what I need to do, I'll start with the documentation on security rules. Thank you for the helpful answer and useful resources.
    – Ioana P.
    Nov 12 '18 at 18:06


















1














Since you don't use any authentication, setup your rules as follow:




"rules": 
 
 ".read": true,
 ".write": false



There is no danger to give your google_services.json since it's attach to this database only. If you really want security, add the authentication and setup your rules.



Take note, now you won't be able to write data to your database except from the server side (firebase-admin in cloud functions). So you may create some cloud functions that will write the data you send via an http request for example.






share|improve this answer






















  • Thanks for you answer.
    – Ioana P.
    Nov 12 '18 at 18:07










Your Answer






StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53267004%2fhow-to-use-a-firebase-app-without-google-services-json%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























2 Answers
2






active

oldest

votes








2 Answers
2






active

oldest

votes









active

oldest

votes






active

oldest

votes









2















Is it save to send the google_services.json as well?




The google_services.json contains the configuration data that your app needs to find its Firebase project on the servers. Is does not automatically allow access to the project though.




If I'll send the [google_services.json] file, will he be able to see all my databases?




That depends on the security rules of your databases. If you've set them to be publicly readable, then your friend will be able to read/write to them. But so will everyone else who happens to discover the URL/ID of your project.



To prevent that you'll want to set specific access rules for your databases. To get started on these, I highly recommend reading the documentation on security rules for Realtime Database and Cloud Firestore. There's also a great video from the Firebase Summit last month: Five tips to secure your app.






share|improve this answer




















  • Yes, this what I need to do, I'll start with the documentation on security rules. Thank you for the helpful answer and useful resources.
    – Ioana P.
    Nov 12 '18 at 18:06















2















Is it save to send the google_services.json as well?




The google_services.json contains the configuration data that your app needs to find its Firebase project on the servers. Is does not automatically allow access to the project though.




If I'll send the [google_services.json] file, will he be able to see all my databases?




That depends on the security rules of your databases. If you've set them to be publicly readable, then your friend will be able to read/write to them. But so will everyone else who happens to discover the URL/ID of your project.



To prevent that you'll want to set specific access rules for your databases. To get started on these, I highly recommend reading the documentation on security rules for Realtime Database and Cloud Firestore. There's also a great video from the Firebase Summit last month: Five tips to secure your app.






share|improve this answer




















  • Yes, this what I need to do, I'll start with the documentation on security rules. Thank you for the helpful answer and useful resources.
    – Ioana P.
    Nov 12 '18 at 18:06













2












2








2







Is it save to send the google_services.json as well?




The google_services.json contains the configuration data that your app needs to find its Firebase project on the servers. Is does not automatically allow access to the project though.




If I'll send the [google_services.json] file, will he be able to see all my databases?




That depends on the security rules of your databases. If you've set them to be publicly readable, then your friend will be able to read/write to them. But so will everyone else who happens to discover the URL/ID of your project.



To prevent that you'll want to set specific access rules for your databases. To get started on these, I highly recommend reading the documentation on security rules for Realtime Database and Cloud Firestore. There's also a great video from the Firebase Summit last month: Five tips to secure your app.






share|improve this answer













Is it save to send the google_services.json as well?




The google_services.json contains the configuration data that your app needs to find its Firebase project on the servers. Is does not automatically allow access to the project though.




If I'll send the [google_services.json] file, will he be able to see all my databases?




That depends on the security rules of your databases. If you've set them to be publicly readable, then your friend will be able to read/write to them. But so will everyone else who happens to discover the URL/ID of your project.



To prevent that you'll want to set specific access rules for your databases. To get started on these, I highly recommend reading the documentation on security rules for Realtime Database and Cloud Firestore. There's also a great video from the Firebase Summit last month: Five tips to secure your app.







share|improve this answer












share|improve this answer



share|improve this answer










answered Nov 12 '18 at 17:52









Frank van Puffelen

228k28372397




228k28372397











  • Yes, this what I need to do, I'll start with the documentation on security rules. Thank you for the helpful answer and useful resources.
    – Ioana P.
    Nov 12 '18 at 18:06
















  • Yes, this what I need to do, I'll start with the documentation on security rules. Thank you for the helpful answer and useful resources.
    – Ioana P.
    Nov 12 '18 at 18:06















Yes, this what I need to do, I'll start with the documentation on security rules. Thank you for the helpful answer and useful resources.
– Ioana P.
Nov 12 '18 at 18:06




Yes, this what I need to do, I'll start with the documentation on security rules. Thank you for the helpful answer and useful resources.
– Ioana P.
Nov 12 '18 at 18:06













1














Since you don't use any authentication, setup your rules as follow:




"rules": 
 
 ".read": true,
 ".write": false



There is no danger to give your google_services.json since it's attach to this database only. If you really want security, add the authentication and setup your rules.



Take note, now you won't be able to write data to your database except from the server side (firebase-admin in cloud functions). So you may create some cloud functions that will write the data you send via an http request for example.






share|improve this answer






















  • Thanks for you answer.
    – Ioana P.
    Nov 12 '18 at 18:07















1














Since you don't use any authentication, setup your rules as follow:




"rules": 
 
 ".read": true,
 ".write": false



There is no danger to give your google_services.json since it's attach to this database only. If you really want security, add the authentication and setup your rules.



Take note, now you won't be able to write data to your database except from the server side (firebase-admin in cloud functions). So you may create some cloud functions that will write the data you send via an http request for example.






share|improve this answer






















  • Thanks for you answer.
    – Ioana P.
    Nov 12 '18 at 18:07













1












1








1






Since you don't use any authentication, setup your rules as follow:




"rules": 
 
 ".read": true,
 ".write": false



There is no danger to give your google_services.json since it's attach to this database only. If you really want security, add the authentication and setup your rules.



Take note, now you won't be able to write data to your database except from the server side (firebase-admin in cloud functions). So you may create some cloud functions that will write the data you send via an http request for example.






share|improve this answer














Since you don't use any authentication, setup your rules as follow:




"rules": 
 
 ".read": true,
 ".write": false



There is no danger to give your google_services.json since it's attach to this database only. If you really want security, add the authentication and setup your rules.



Take note, now you won't be able to write data to your database except from the server side (firebase-admin in cloud functions). So you may create some cloud functions that will write the data you send via an http request for example.







share|improve this answer














share|improve this answer



share|improve this answer








edited Nov 12 '18 at 18:07

























answered Nov 12 '18 at 17:47









Christophe Gudlake

604526




604526











  • Thanks for you answer.
    – Ioana P.
    Nov 12 '18 at 18:07
















  • Thanks for you answer.
    – Ioana P.
    Nov 12 '18 at 18:07















Thanks for you answer.
– Ioana P.
Nov 12 '18 at 18:07




Thanks for you answer.
– Ioana P.
Nov 12 '18 at 18:07

















draft saved

draft discarded
















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.





Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


Please pay close attention to the following guidance:


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53267004%2fhow-to-use-a-firebase-app-without-google-services-json%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

這個網誌中的熱門文章

What does pagestruct do in Eviews?

圖片
0 I have a panel data with column name dateid and an ID variable crossid and several other variables over a period of time. What does the following command do in Eviews (I am very new to Eviews) pagestruct crossid @date(dateid) structure eviews share | improve this question edited Nov 12 at 4:19 asked Nov 8 at 9:13 Dom Jo 42 6 add a comment  |  0 I have a panel data with column name dateid and an ID variable crossid and several other variables over a period of time. What does the following command do in Eviews (I am very new to Eviews) pagestruct crossid @date(dateid) structure eviews share | improve this question edited Nov 12 at 4:19 asked Nov 8 at 9:13 Dom Jo 42 6 add a comment  |  0 0 0 I have a panel data with column name dateid and an ID variable crossid and several other variables over a period of time. Wh...
閱讀完整內容

Dutch intervention in Lombok and Karangasem

圖片
Dutch intervention in Lombok and Karangasem (1894) Attack of the Dutch on a Balinese stronghold in Lombok in 1894. Date July–November 1894 Location Lombok Result Decisive Dutch victory. Dutch control of Lombok and Karangasem. Belligerents Netherlands Eastern Sasak Lombok Mataram Western Sasak Commanders and leaders General-Major Jacobus Augustinus Vetter (Commander) General-Major P.P.H. van Ham (Second in command)   † Strength 2,200 (July expedition) Casualties and losses 500 (August 1894) 166 (November 1894) Thousands v t e Dutch interventions in Bali Northern Bali (1846) Northern Bali (1848) Bali (1849) Lombok and Karangasem (1894) Southern Bali (1906) Southern Bali (1908) v t e Dutch colonial campaigns 17th Century Bantam (1601) Malacca (1606) Cape Rachado (1606) Banda Islands (1621) Macau (1622) Pescadores (1622–1624) Bahia (1624) Persian Gulf (1625) Elmina (1625) Cuba (1628) Recife (1630) Albrolhos (1631) Liaoluo Bay (1633) Taiwan (1635–36) Lamey...
閱讀完整內容

Channel Islands

圖片
This article is about the Crown dependencies. For the islands off Southern California, see Channel Islands (California). For the French Channel Islands, see Chausey. Channel Islands Îles Anglo-Normandes    (French) Îles d'la Manche    (Norman) Satellite photo of the Channel Islands in 2012 Location of the Channel Islands Geography Location Western Europe Coordinates 49°26′N 2°19′W  /  49.433°N 2.317°W  / 49.433; -2.317 Coordinates: 49°26′N 2°19′W  /  49.433°N 2.317°W  / 49.433; -2.317 Adjacent bodies of water English Channel Total islands 8 inhabited Major islands Jersey and Guernsey Area 198 km 2 (76 sq mi) Highest point Les Platons Administration Bailiwick of Guernsey Capital and largest settlement Saint Peter Port, Guernsey Area covered 78 km 2 (30 sq mi;  7001394000000000000♠ 39.4%) Bailiwick ...
閱讀完整內容