Hello Firebase Community,
I’m encountering a persistent issue with my Next.js and Firebase application that’s resulting in HTTP 400 errors when trying to make calls to identitytoolkit.googleapis.com
(for authentication) and firestore.googleapis.com
(for Firestore Listen/Write operations).
Project Context:
- I’m using Next.js with the Firebase SDK (v11.8.0).
- The goal is to use Firebase Authentication (Email/Password) and Cloud Firestore.
- My
firebaseConfig
in the client-side application has aprojectId
in the format[PROJECT_NAME]-[NUMERIC_SUFFIX]
(e.g.,myproject-123456
). - The
apiKey
used in thefirebaseConfig
was obtained from my Firebase project settings in the Firebase Console.
Observed Issues (Browser Console Logs):
Failed to load resource: the server responded with a status of 400 ()
for calls such as:
identitytoolkit.googleapis.com/v1/accounts:lookup?key=AIza...
(API Key partially obscured)- (and similar for
signInWithPassword
,signUp
)
GET/POST https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?... 400 (Bad Request)
GET/POST https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?... 400 (Bad Request)
- Consequently, I’m receiving
FirebaseError: Missing or insufficient permissions.
errors when trying to read data from Firestore, even though my security rules should allow access for authenticated users. - Logs like
[AuthContext] User document for UID ... not found in Firestore during onSnapshot. Using Auth data as fallback.
are also appearing, indicating that reading the user document is failing.
Troubleshooting Steps Already Taken:
- I’ve confirmed that the
projectId
in myfirebaseConfig
exactly matches the full “Project ID” displayed in the Firebase Console project settings (format[PROJECT_NAME]-[NUMERIC_SUFFIX]
). - In the Google Cloud Console, for the project with ID
[PROJECT_NAME]-[NUMERIC_SUFFIX]
:- The “Identity Toolkit API” is ENABLED.
- The “Cloud Firestore API” is ENABLED.
- In the Firebase Console, the “Email/Password” authentication provider is ENABLED.
- Firestore security rules have been simplified for testing, allowing read/write for authenticated users (e.g.,
allow read, write: if request.auth != null;
), but the 400 errors persist, suggesting the issue occurs before rule evaluation. - Crucial Point: In the Google Cloud Console, under “APIs & Services” > “Credentials” for the project
[PROJECT_NAME]-[NUMERIC_SUFFIX]
, the API Key that is in myfirebaseConfig
is not listed. The “API Keys” section shows “No API keys to display.” - I’ve tried removing all restrictions (application and API restrictions) from other API keys that existed in the GCP project (though they were not the
firebaseConfig
key) and waited for propagation, without success. - Cleared browser cache, cookies, tested in incognito mode, and recreated test users multiple times.
My Main Suspicion: I believe the root problem is that the apiKey
specified in my firebaseConfig
(and provided by the Firebase Console) is not correctly provisioned or recognized within the Google Cloud Platform for the projectId
[PROJECT_NAME]-[NUMERIC_SUFFIX]
.
Questions for the Community:
- Has anyone encountered a similar issue where the Firebase
apiKey
doesn’t appear or work correctly in GCP, even with the correctprojectId
and enabled APIs? - Are there any additional
apiKey
configuration steps in GCP that I might have missed, especially for an existing or newly set up Firebase project? - Is there a way to force a “resync” of
apiKey
settings between the Firebase Console and Google Cloud Console? - Any suggestions on how to better debug the exact cause of the “Bad Request” error coming from these Google APIs, beyond the browser console information?
Any help or guidance would be immensely appreciated, as I’m currently blocked by this issue.
Thank you!