To authenticate the Firebase Admin SDK in Azure Functions, you can store the Google service account key file as an application setting. By default, connection strings and secrets used by your function app and bindings are stored as application settings. You can store the contents of the key file as an application setting and retrieve it in your function code using the application setting name.
To store the key file as an application setting, you can follow these steps:
- Open the Azure portal and navigate to your function app.
- In the left-hand menu, click on "Configuration".
- Click on the "+ New application setting" button.
- Enter a name for the application setting, such as "GOOGLE_APPLICATION_CREDENTIALS".
- Paste the contents of the key file into the "Value" field.
- Click "OK" to save the application setting.
In your function code, you can retrieve the contents of the key file using the name of the application setting. For example, in Node.js, you can use the process.env
object to access the value of an application setting:
const admin = require('firebase-admin');
const serviceAccount = JSON.parse(process.env.GOOGLE_APPLICATION_CREDENTIALS);
admin.initializeApp({
credential: admin.credential.cert(serviceAccount),
// ...
});
By default, application settings and connection strings are stored encrypted in Azure and decrypted only before being injected into your app's process memory when the app starts. However, if you prefer to manage the secure storage of your secrets, you can use Azure Key Vault to store and retrieve secrets.
References: