Where Does Firebase Store its Authentication Tokens in Web Browser?

I’ve been curious about where Firebase’s JavaScript SDK for web apps stores the auth tokens or session IDs to authenticate users and keep them “logged in”. Initially, I thought maybe the authentication happens via cookies but when I tried deleting all the cookies, I was still logged in as a user in my web app backed by Firebase Auth.

The next thought was that maybe the tokens are in Web Storage (localStorage or sessionStorage). After repeating the process of deleting the storage and refreshing the page, it seemed like this was not the case either.

Finally, it turns out that the tokens are stored in IndexedDB. That’s the answer!

[Image: Firebase Token IndexedDB (Chrome Dev Tools > Application Tab)]

As you can see in the image above, you’ll find the tokens (and some additional profile details) in the firebaseLocalStorage object store, which itself resides in the firebaseLocalStorageDb database. The stsTokenManager field in the value object has both the access and refresh tokens along with the expiration time of the access token.

Normally you should see only one object (row) in the object store. As you can see in the image, it mentions Total entries: 1. If you delete this object from dev tools then you’ll automatically get logged out.
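If you want to look at that record without printing the tokens themselves (for a bug report or a security review, say), here is an added example that is not part of the original post. It summarises a record with the token values redacted; the field names fbase_key, accessToken, refreshToken and expirationTime are assumptions about the stored shape, and the sample record is constructed.

```javascript
// Added example, not from the original post. The field names fbase_key, accessToken,
// refreshToken and expirationTime are assumptions about the SDK's stored shape.
// Keep a short prefix and the length so the secret itself never reaches a log.
const redact = s => (typeof s === 'string' && s ? `${s.slice(0, 6)}...(${s.length} chars)` : null);

// Read the `exp` claim from a JWT payload, in milliseconds, without verifying it.
function jwtExpMs(token) {
  try {
    const b64 = token.split('.')[1].replace(/-/g, '+').replace(/_/g, '/');
    const exp = JSON.parse(atob(b64)).exp;
    return typeof exp === 'number' ? exp * 1000 : null;
  } catch (err) { return null; } // not a JWT, or payload not decodable
}

function summarizeAuthRecord(record, now = Date.now()) {
  const user = (record && record.value) || {};
  const sts = user.stsTokenManager || {};
  const expiresAt = Number(sts.expirationTime) || jwtExpMs(sts.accessToken);
  return {
    key: (record && record.fbase_key) || null,
    uid: user.uid || null,
    accessToken: redact(sts.accessToken),
    refreshToken: redact(sts.refreshToken),
    accessTokenExpired: expiresAt ? expiresAt <= now : null,
    // A refresh token can obtain new access tokens after the current one expires.
    renewable: Boolean(sts.refreshToken),
  };
}

// Browser console, on the app's origin: print one redacted summary row per record.
function auditFirebaseAuthStore() {
  const req = indexedDB.open('firebaseLocalStorageDb');
  req.onsuccess = e => {
    const db = e.target.result;
    if (!db.objectStoreNames.contains('firebaseLocalStorage')) return db.close();
    const all = db.transaction('firebaseLocalStorage', 'readonly')
      .objectStore('firebaseLocalStorage').getAll();
    all.onsuccess = () => console.table(all.result.map(r => summarizeAuthRecord(r)));
  };
}

// Constructed sample record (no real tokens); exp is 2030-01-01T00:00:00Z.
const SAMPLE_RECORD = {
  fbase_key: 'firebase:authUser:EXAMPLE_API_KEY:[DEFAULT]',
  value: { uid: 'constructed-uid', stsTokenManager: {
    accessToken: `hdr.${btoa(JSON.stringify({ exp: 1893456000 }))}.sig`,
    refreshToken: 'constructed-refresh-token', expirationTime: 1893456000000 } },
};
console.log(summarizeAuthRecord(SAMPLE_RECORD));
```

In the browser, call auditFirebaseAuthStore() from the console on your web app's page. Since any script running on the origin can read this object store the same way, the summary is also a quick reminder of what an injected script could reach.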

Just for fun, I tried copying the object from Chrome to Firefox’s IndexedDB and that logged me into the Firebase web app on Firefox. If you want to try it out as well, just open your web app URL in Firefox and use the following scripts to:

  1. Copy the relevant object (that we saw above) from Chrome.
  2. Put/paste/store into Firefox’s IndexedDB for your web app domain.

// Copy Data from Chrome
const req = window.indexedDB.open('firebaseLocalStorageDb', 1);

req.onsuccess = e => {
  const db = e.target.result;
  const tx = db.transaction(['firebaseLocalStorage'], 'readonly');
  const os = tx.objectStore('firebaseLocalStorage');
  // Walk every entry in the object store (normally there is only one)
  os.openCursor().onsuccess = ev => {
    // Use the handler's own event argument, not the global `event`
    const cursor = ev.target.result;
    if (cursor) {
      // Copy the value (JSON) only dumped by console.log
      console.log(cursor.key, JSON.stringify(cursor.value));
      cursor.continue();
    }
  };
};


// Paste/Put/Store the object into Firefox IndexedDB
const value = /* object copied from the console.log above */;

const req = window.indexedDB.open('firebaseLocalStorageDb', 1);

req.onsuccess = e => {
  const db = e.target.result;
  const tx = db.transaction(['firebaseLocalStorage'], 'readwrite');
  const os = tx.objectStore('firebaseLocalStorage');
  const request = os.add(value);
  request.onsuccess = e => {
    // Operation successful!
    console.log(e);
  };
};

// You should be authenticated in your Firebase web app now (in Firefox)!
