Firestore REST API with Firebase Id token

Question

I am trying to create new document at firestore, using bearer token, retrieved from from Auth SDK (ios, but actually I am using FirebaseAuth for osx, that's why I have no other choose except using REST, because there is no FirebaseFirestore support for osx).

The rules are

service cloud.firestore {
  match /databases/{database}/documents {    
    match /places {
      allow create, update, delete, read: if true;
    }
  }
}

For retrieving token

Auth.auth().currentUser?.getIDTokenForcingRefresh(true, completion ..

After I get token as a string and put it to header Authorization: Bearer MY_RETRIEVED_TOKEN

Link I requesting

https://firestore.googleapis.com/v1beta1/projects/MYPROJECTID/databases/(default)/documents/places?fields=fields&documentId=kk&key=API_KEY_FOR_WEB_APP_FROM_FIREBASE_PROJECT_SETTING

So here I am passing key from Firebase project settings for Web

Body of this POST request

{
  "fields": {
    "nn": {
        "stringValue": "hhh"
    }
  }
}

But it the end I get 403 in response.

{
  "error": {
    "code": 403,
    "message": "Missing or insufficient permissions.",
    "status": "PERMISSION_DENIED"
  }
}

Already broken up my mind trying to find an error. Thanks in advance!

Answer 1

I had the same problem few days ago.

You should try to modify your rules like code bellow:

service cloud.firestore {
  match /databases/{database}/documents {    
    match /places/{document=**} {
      allow create, update, delete, read: if true;
    }
  }
}

In this case you set rules for all document's of places. Also you can test your rules in Rules Simulator. This works quite good.

I hope this will help you