Hello Firebase Community,
I’m encountering a persistent issue with my Next.js and Firebase application that’s resulting in HTTP 400 errors when trying to make calls to identitytoolkit.googleapis.com (for authentication) and firestore.googleapis.com (for Firestore Listen/Write operations).
Project Context:
- I’m using Next.js with the Firebase SDK (v11.8.0).
- The goal is to use Firebase Authentication (Email/Password) and Cloud Firestore.
- My
firebaseConfigin the client-side application has aprojectIdin the format[PROJECT_NAME]-[NUMERIC_SUFFIX](e.g.,myproject-123456). - The
apiKeyused in thefirebaseConfigwas obtained from my Firebase project settings in the Firebase Console.
Observed Issues (Browser Console Logs):
Failed to load resource: the server responded with a status of 400 ()for calls such as:
identitytoolkit.googleapis.com/v1/accounts:lookup?key=AIza...(API Key partially obscured)- (and similar for
signInWithPassword,signUp)
GET/POST https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?... 400 (Bad Request)GET/POST https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?... 400 (Bad Request)- Consequently, I’m receiving
FirebaseError: Missing or insufficient permissions.errors when trying to read data from Firestore, even though my security rules should allow access for authenticated users. - Logs like
[AuthContext] User document for UID ... not found in Firestore during onSnapshot. Using Auth data as fallback.are also appearing, indicating that reading the user document is failing.
Troubleshooting Steps Already Taken:
- I’ve confirmed that the
projectIdin myfirebaseConfigexactly matches the full “Project ID” displayed in the Firebase Console project settings (format[PROJECT_NAME]-[NUMERIC_SUFFIX]). - In the Google Cloud Console, for the project with ID
[PROJECT_NAME]-[NUMERIC_SUFFIX]:- The “Identity Toolkit API” is ENABLED.
- The “Cloud Firestore API” is ENABLED.
- In the Firebase Console, the “Email/Password” authentication provider is ENABLED.
- Firestore security rules have been simplified for testing, allowing read/write for authenticated users (e.g.,
allow read, write: if request.auth != null;), but the 400 errors persist, suggesting the issue occurs before rule evaluation. - Crucial Point: In the Google Cloud Console, under “APIs & Services” > “Credentials” for the project
[PROJECT_NAME]-[NUMERIC_SUFFIX], the API Key that is in myfirebaseConfigis not listed. The “API Keys” section shows “No API keys to display.” - I’ve tried removing all restrictions (application and API restrictions) from other API keys that existed in the GCP project (though they were not the
firebaseConfigkey) and waited for propagation, without success. - Cleared browser cache, cookies, tested in incognito mode, and recreated test users multiple times.
My Main Suspicion: I believe the root problem is that the apiKey specified in my firebaseConfig (and provided by the Firebase Console) is not correctly provisioned or recognized within the Google Cloud Platform for the projectId [PROJECT_NAME]-[NUMERIC_SUFFIX].
Questions for the Community:
- Has anyone encountered a similar issue where the Firebase
apiKeydoesn’t appear or work correctly in GCP, even with the correctprojectIdand enabled APIs? - Are there any additional
apiKeyconfiguration steps in GCP that I might have missed, especially for an existing or newly set up Firebase project? - Is there a way to force a “resync” of
apiKeysettings between the Firebase Console and Google Cloud Console? - Any suggestions on how to better debug the exact cause of the “Bad Request” error coming from these Google APIs, beyond the browser console information?
Any help or guidance would be immensely appreciated, as I’m currently blocked by this issue.
Thank you!