Firebase Auth

Firebase Auth is a common starting point for AI app prototypes and projects running on Google Cloud. Setup is fast, the SDKs are widely documented, and it integrates naturally with other Firebase and GCP services.

For basic AI applications — a user logs in, an LLM API is called in their session — Firebase Auth is adequate and friction-free. The problems emerge when agentic requirements arise: Firebase has no token delegation, no FGA, no human-in-the-loop support, and no agent-specific SDK.

Firebase ID tokens can be used to authenticate requests to backend services, but the authorization model is limited to Firebase's built-in rules and custom claims. For complex agent authorization patterns, teams typically end up building authorization logic in application code rather than relying on the identity layer.

Migration away from Firebase Auth is also non-trivial, which is worth considering before committing to it for an agentic architecture.

Agent-specific features:

• Firebase ID tokens for backend API authentication
• Custom claims for coarse-grained authorization
• Service account authentication for backend agents
• Integrates with Google Cloud IAM for GCP resource access