Firebase read permission denied when using auth security rules

264 Views Asked by Kieran Freitag At 06 November 2025 at 01:55

Data Structure:

root:
  lists:
    $list:
      pass: "VALU"

Rules Structure:

"rules": {
  "lists": {
    "$list": {
      ".read": "auth.token.name === data.child('pass').val()"
    }
  }
}

Javascript:

firebase.auth().signInAnonymously();

firebase.auth().currentUser.updateProfile({
    displayName: "VALU"
});

firebase.database().ref("lists/{$SomeList}").once('value').then([...]);
  // Throws error: permission denied

I'm very confused as to why the permission is denied. I made sure that the values for the displayName and the pass were the same, so I'm not sure as to why the comparison is returning false..

UPDATE: It seems that the auth variable in the security rules is not refreshing when the displayName is changed, any ideas on how to fix this?

Original Q&A

There are 1 best solutions below

bojeil On 21 December 2016 at 08:15 BEST ANSWER

Force token refresh on the user after updateProfile: firebase.auth().currentUser.getToken(true)

The idToken will be updated afterwards.

Firebase read permission denied when using auth security rules

Data Structure:

Rules Structure:

Javascript:

There are 1 best solutions below

Related Questions in JAVASCRIPT

Related Questions in FIREBASE

Related Questions in FIREBASE-REALTIME-DATABASE

Related Questions in FIREBASE-AUTHENTICATION

Related Questions in FIREBASE-SECURITY

Trending Questions

Popular # Hahtags

Popular Questions