Authentication - Set up access token permissions with Firebase

Follow the following steps to start configure your authentication endpoint and start building your own security logic.


  1. Install the liveblocks/node package

    Let’s first install the @liveblocks/node package in your Firebase functions project.

    $npm install @liveblocks/node
  2. Set up authentication endpoint

    Create a new Firebase callable function as shown below. This is where you will implement your security and define the rooms that the user has access to.

    The client will request a token either for a specific room, in which case the request body property room will be defined, or for resources outside a specific room (like notifications), in which case, room will be undefined.

    See permissions with access token to understand how to grant access to multiple rooms with an access token.

    const functions = require("firebase-functions");const { Liveblocks } = require("@liveblocks/node");
    const liveblocks = new Liveblocks({ secret: "",});
    exports.auth = functions.https.onCall(async (data, context) => { // Get the current user from your database const user = (data);
    // Start an auth session inside your endpoint const session = liveblocks.prepareSession(, { userInfo: user.metadata }, // Optional );
    // Implement your own security, and give the user access to the room/organization. // Note: Even if room is defined, we recommend to always use wildcards. const { room } = request.body; if (room && (user, room)) { session.allow(room, session.FULL_ACCESS); } else { session.allow(`${user.organization}*`, session.READ_ACCESS) }
    // Authorize the user and return the result const { status, body } = await session.authorize(); return JSON.parse(body);});
  3. Set up the client

    On the front end, you can now replace the publicApiKey option with authEndpoint pointing to the endpoint you just created.

    import { createClient } from "@liveblocks/client";import firebase from "firebase";import "firebase/functions";
    firebase.initializeApp({ /* Firebase config */});
    const auth = firebase.functions().httpsCallable("liveblocks-auth");
    // Create a Liveblocks clientconst client = createClient({ authEndpoint: async (room) => (await auth({ room })).data,});

More information

Both userId and userInfo can then be used in your JavaScript application as such:

const self = room.getSelf(); // or useSelf() in Reactconsole.log(;console.log(;
Auth diagram