Firebase Authentication provides backend services to authenticate users using passwords, phone numbers, and federated identity providers (Google, Facebook, Apple, GitHub, Twitter, Microsoft). Handles JWT token lifecycle, refresh tokens, and email verification flows.
https://identitytoolkit.googleapis.com/v1
Auth type
API Key Header
Auth header
?key=AIzaSy...
Rate limit
1M users per project (Spark)
Pricing
Free tier available
Free quota
10K/month phone verifications; unlimited other sign-ins
Documentation
https://firebase.google.com/docs/reference/rest/auth
Endpoint status
Server online — HTTP 404 — server is online but path returned an error (may require auth)736ms
(checked Mar 29, 2026)
Builder score
B
70%
builder-friendly
Include your Firebase Web API Key as a key query parameter for REST endpoints.
?key=AIzaSy...
Free forever for email/social auth. Phone auth: 10K verifications/month free on Spark; $0.006 per verification on Blaze plan after threshold.
| Method | Path | Description |
|---|---|---|
| POST | /accounts:signUp |
Create a new email/password user |
| POST | /accounts:signInWithPassword |
Sign in with email and password |
| POST | /accounts:sendOobCode |
Send password reset or verification email |
| POST | /accounts:update |
Update user profile or password |
| POST | /accounts:lookup |
Look up user data by ID token |
| POST | /token |
Refresh an ID token |
curl -X POST "https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key=$FIREBASE_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"password": "securepassword",
"returnSecureToken": true
}'
{
"localId": "ZY6sY3NfRXYJ0N...",
"email": "user@example.com",
"displayName": "",
"idToken": "eyJhbGciOiJSUzI1NiIsImtpZCI6...",
"registered": true,
"refreshToken": "APZUo0...",
"expiresIn": "3600"
}
Data sourced from API Map. Always verify pricing and rate limits against the official Google Firebase documentation.