How to access firebase database from nodejs admin sdk after enforcing Firebase App Check

Question

I have enabled Firebase App Check in my project to ensure all requests are coming only from our app. That has been working well till now (Using RecaptachaV3 as a Attestation Provider for web). However I want to access the database (rtdb) from my backend nodejs server. I'm using the firebase-admin-sdk with a service account for it. But I am unable to do it.

const { initializeApp, applicationDefault } = require('firebase-admin/app');
const { getDatabase } = require('firebase-admin/database');

const app = initializeApp({
  credential: applicationDefault(),
  databaseURL: '********',
});

const db = getDatabase(app);

const ref = db.ref('/some-path');
ref.once('value', (snapshot) => {
  console.log(snapshot.val());
});

Below error is thrown

[2022-06-27T09:42:25.299Z] @firebase/database: FIREBASE WARNING: Missing appcheck token (https://qtalkproject.firebaseio.com/)

Isn't app check only for clients? Shouldn't firebase allow all requests that are coming from a service account? Why is it asking for an app check token? Acc to the documentation the firebase-admin-sdk is allowed to create app check tokens. If it is allowed to create app check tokens, doesn't it mean it is already authenticated? Why can't I access the database from the same admin sdk then? Am I missing something here?

Answer 1

If anyone else is blocked like me until firebase releases the fix, you can use the older version of the firebase admin sdk which doesn't have app check (I used v9.3.0) to access rtdb and other firebase features

Answer 2

Firebaser here

You are correct, the Firebase Admin SDK should bypass App Check. Thank you for finding and reporting this bug! Our team has identified the issue and currently working on a fix. We will use the following GitHub issue to track the progress https://github.com/firebase/firebase-admin-node/issues/1788