I have an user which has the following custom user claims,
customClaims: { role: 'admin' },
How can I access this role property (admin) inside the cloud firestore rules?
I'm using the code below, which doesn't work. What needs to be done in order to work?
match /companies/{document=**} {
allow read: if request.auth != null;
allow write: if request.auth != null && request.customClaims.role == "admin";
}
Custom claims are in request.auth.token object as mentioned in the documentation:
match /companies/{document=**} {
allow read: if request.auth != null;
allow write: if request.auth != null && request.auth.token.role == "admin";
}
request.auth.token.customClaims.role –
Lura All claims (including custom ones) are available under the request.auth.token variable. Note that it may take up to an hour before the claims propagate to the security rules, as they are embedded in the user's ID token. If you want to speed this up, you can force reload the user profile, or sign them out and in again.
Also see:
The custom claims exist in the request.auth.token object as fields , so all the custom claims can be accessed like this request.auth.token[your_custom_claim]
In your case you can access role like this request.auth.token.role
hope that helps :)
© 2022 - 2025 — McMap. All rights reserved.
getIdTokenResult(true)provides my all claims but still can not able to access that claims in rules can anyone help me out – Reliquary