I'm writing an (embedded + mobile) app that uses firestore through REST & GRPC APIs. Each access authenticates using firebase bearer tokens which is identifies a firebase userid.
I'd like to use that same token/firebase uid to pull notifications from pubsub, and limit that firebase uid to a particular topic, but pubsub uses gcp's IAM, not firestore authentication . How can I reference the firebase users on pubsub/iam ?
Thanks!
Using the token or firebase UID to authenticate and pull data from Google Cloud Pub/Sub isn't possible and really won't scale. Cloud Pub/Sub has tighter quotas on number of topics and number of subscriptions per topic: 10,000 for each. It is designed for the "torrents" use case: a smaller number of topics and subscriptions to which a lot of data is delivered. Firestore scales in a different direction, to much larger numbers of end users. Therefore, you will quickly run out of quota for individual subscriptions on Cloud Pub/Sub.
Instead, you'd want some kind of frontend server that subscribers to the desired Cloud Pub/Sub topics and distributes messages to the end users, perhaps via Firebase Cloud Messaging, which is more of the "trickles" use case where there are many, many topics on which a small number of messages are published.