firebase sessions cookies and storage rules

Question

I've noticed on the docs for firebase session cookies that it states:

For security reasons, Firebase session cookies cannot be used with other Firebase services due to their custom validity period, which can be set to the maximum duration of 2 weeks. All applications using server side cookies are expected to enforce permissions checks after verifying these cookies server side.

Does this mean that I can't use the auth claims to specify security rules for cloud storage uploads?

Answer 1

You can use auth claims in Cloud Storage security rules. Read the documentation here.