Skip to main content
r/Firebase icon

r/Firebase

members
online
Feed About
Best
Open sort options
Change post view
Woke up to FCM issues this morning
u/alexwh68
Woke up to FCM issues this morning
Cloud Firestore

One or more errors occurred. (Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.)

A bit of background, this has been working fine, for many months, I am using C#, and it's just stopped on its own this morning, I have created a new private key, added that to the json file and it makes no difference at all the same error occurs.

I only use FCM for notifications on iOS and Android, so happy to look at alternatives for flutter/dart if there are any worth looking at.

Generate studio-quality, commercially-safe music for your content. Go from ideas to tracks instantly with Generate Soundtrack in Firefly.
Image Generate studio-quality, commercially-safe music for your content. Go from ideas to tracks instantly with Generate Soundtrack in Firefly.
firefly.adobe.com
Learn More
How do you prevent malicious users from spamming Firestore reads/writes and driving up costs?
u/VarietyGamerQuestion avatar u/VarietyGamerQuestion
How do you prevent malicious users from spamming Firestore reads/writes and driving up costs?
Cloud Firestore

Aside from routing reads and writes through Cloud Functions, what strategies have you used to provably prevent malicious users from spamming your Firestore database?

My main concern with my project right now is cost exposure — specifically, a bad actor intentionally driving up my bill by issuing excessive reads or writes.

I’m curious what approaches others have taken in production to mitigate this risk (security rules, rate limiting, auth strategies, monitoring, etc.), and what’s actually worked well in practice.

Thanks!