Devot Logo
Devot Logo
Arrow leftBack to blogs

Introduction to Firebase: Empowering Your App Development

Vladimir Š.4 min readJun 24, 2025Technology
Vladimir Š.4 min read
Contents:
Creating a Firebase project
Setting up sign-in providers
Generating a private key for the Firebase admin SDK
Hashing the private key for security and convenience
Adding Firebase dependencies
Configuring Firebase in Spring Boot
Creating a custom authentication filter
Adding security configuration
Implementing login
Conclusion

Firebase is a comprehensive platform developed by Google that offers a suite of tools designed to simplify app development, from backend infrastructure to real-time data services. It provides developers with essential features like Firebase Authentication for secure user sign-ins, Firebase Realtime Database for live data synchronization, and Firebase Cloud Storage for securely storing user-generated content. These tools help build scalable, dynamic apps with minimal setup, allowing developers to focus more on user experience and functionality.

Beyond these core features, Firebase also includes app distribution, crash reporting, cloud functions, analytics, and user engagement tools like push notifications. With all of these integrated into a single platform, Firebase streamlines the development process and helps developers monitor, improve, and grow their apps over time, providing a powerful all-in-one solution for both mobile and web app creation.

Creating a Firebase project

Before we dive into the code, let's first set up a Firebase project. Head over to Firebase and log in with your Google account. If you don’t have one yet, now is the perfect time to create it! Once logged in, click on "Go to console" in the top right corner to access your Firebase dashboard.

Now, let’s create a new project. Click on "Create a project" and give it a name that makes sense for your application. Firebase will guide you through a few quick steps—just follow along and hit next. Once the setup is complete, you’ll land on the project’s overview page, where all the magic happens.

Firebase console with "Create a project" button highlighted for starting a new project setup.

Setting up sign-in providers

Firebase offers several ways to authenticate users, but for this guide, we'll keep things simple and enable Email/Password authentication. In your Firebase console, find the "Build" section in the left sidebar and click on "Authentication".

Firebase console showing the "Authentication" option selected under the "Build" section.

If you’re doing this for the first time, you’ll see a "Get started" button—click it to initialize authentication services.

Authentication setup screen with "Get started" button for initializing Firebase authentication.

Next, go to the "Sign-in method" tab and select "Email/Password". Flip the switch to enable this method, then hit "Save".

Sign-in method tab with Email/Password option enabled in the Firebase console.

That’s it! You now have Email/Password authentication enabled, and you’ll see it listed under "Enabled providers".

Enabled providers section showing Email/Password listed under active authentication methods.

Generating a private key for the Firebase admin SDK

To let your Spring Boot app talk to Firebase securely, you’ll need a private key for the Firebase Admin SDK. Don’t worry, it’s just a couple of clicks away. First, go to Project settings by clicking the gear icon in the left sidebar. Then, navigate to the "Service accounts" tab.

Firebase project settings with "Service accounts" tab selected to access Admin SDK private key.

Here, you’ll see an option to generate a private key. Select Java as the platform and click on "Generate new private key". Firebase will create a JSON file containing your private key, and it’ll automatically download to your computer. Keep this file safe—you’ll need it soon when integrating Firebase with your Spring Boot app.

Hashing the private key for security and convenience

Handling raw JSON keys can be risky, especially when deploying to production environments. To increase security and make it more manageable, we can hash the private key using Base64 encoding. This approach ensures that the key is stored safely while remaining accessible when needed.

Once the key is hashed, it should be added to your project’s configuration instead of using the raw JSON file. This minimizes the risk of exposure while maintaining seamless integration with Firebase services.

Adding Firebase dependencies

Now, let’s bring Firebase into our Spring Boot project. To do this, add the following dependency to your build.gradle file:

This will include the Firebase Admin SDK, which allows your application to interact with Firebase Authentication services.

Configuring Firebase in Spring Boot

Now that we have the dependency, it's time to configure Firebase in our Spring Boot application. First, store your Base64-encoded private key securely in the application.properties file:

Alternatively, you can store it in a .env file or use an environment variable for better security practices.

Next, create a configuration class to decode the Base64 key and initialize Firebase authentication:

Creating a custom authentication filter

For enhanced security, we can create a custom authentication filter that verifies the Firebase token and assigns roles to users. This filter will intercept incoming requests, extract the bearer token, and validate it using Firebase Authentication.

Since we're introducing custom logic here, it's also a good time to think about applying proven Java Design Patterns to keep your code maintainable and scalable as the project grows.

Adding security configuration

To complete our security setup, we must register our authentication filter with Spring Security. This ensures that all incoming requests are checked for authentication before proceeding.

Implementing login

Since the Firebase Admin SDK does not support email/password login directly, we need to manually request an access token using Firebase’s REST API. To achieve this, we send an HTTP POST request to Firebase’s authentication endpoint, passing the user's email and password. Firebase responds with an authentication token, which can then be used for accessing secured endpoints within our application. This approach ensures that users logging in via email and password can still leverage Firebase’s authentication mechanisms while maintaining security and compliance with Firebase’s requirements.

Conclusion

By following these steps, you have successfully integrated Firebase Authentication into a Spring Boot application. You’ve set up Firebase, configured authentication methods, generated and secured a private key, and implemented a custom authentication filter to ensure role-based access control. Additionally, you’ve integrated Firebase authentication with Spring Security, providing a secure way to validate user sessions.

While Firebase simplifies authentication, always remember to follow best practices in securing your API keys, handling authentication tokens properly, and keeping your dependencies up to date. With this foundation in place, you can now build scalable and secure authentication systems for your Java applications!

Spread the word:
Keep readingSimilar blogs for further insights
The Full-Stack AI Developer: Frameworks, Tools, and Deployment Skills You Actually Need
Technology
Iva P.10 min readSep 18, 2025
The Full-Stack AI Developer: Frameworks, Tools, and Deployment Skills You Actually NeedWhat does a full-stack AI developer really do—and why aren’t these roles as common as you'd think in 2025? Discover the skills, salaries, job boards, and step-by-step roadmap for breaking into this future-facing career.
The C4 Model Explained: Clearer Software Architecture Diagrams with Structurizr
Technology
Vladimir Š.12 min readSep 16, 2025
The C4 Model Explained: Clearer Software Architecture Diagrams with StructurizrClarity in software architecture starts with the right diagrams. Explore how the C4 model and Structurizr help developers and architects create consistent, maintainable visuals that scale with your system.
Responsive Design in Figma: Constraints, Auto Layout, and Variables
Technology
Doris S.12 min readSep 11, 2025
Responsive Design in Figma: Constraints, Auto Layout, and VariablesResponsive done right in Figma—clear patterns for constraints, Auto Layout, min/max, and variables that scale across breakpoints. Real-world tips for fewer handoff surprises and components that adapt without duplicating artboards.