Modernize Auth Without Changing Your Firebase Sessions

Descope External Tokens provide a seamless way to enhance authentication for apps built on Firebase by allowing developers to use Descope's flexible authentication flows while maintaining Firebase's session management capabilities. By integrating Descope with Firebase, developers can implement advanced authentication features such as passkeys and multi-factor authentication without compromising user experience or altering existing Firebase infrastructure. The process involves authenticating users through Descope Flows, obtaining an external token, and then using that token to create a Firebase session, ensuring that apps remain "Firebase authenticated." This method avoids the need for redirects or extensive backend modifications and can be set up through a Firebase External Token Connector that securely signs custom auth tokens. Alternatively, developers can configure Descope as a federated OpenID Connect (OIDC) identity provider for Firebase, though this involves OIDC redirects. Both methods enable a flexible approach to modernizing authentication while leveraging Firebase's robust backend services.