
Firebase Realtime Database - What is the equivalent of auth.uid if I use a secret to authenticate?


I have several ESP8266 accessing the same Firebase Realtime Database. Though I know 'secret' is deprecated, it is the only way for them to be authenticated. Cf. https://github.com/FirebaseExtended/firebase-arduino

I am facing this question: I would like to grant access to each of them only to its authorized node (and deeper ones of course). Indeed, I would like to reproduce these classical rules:

{
    "rules": {
        "users": {
            "$uid": {
                ".write": "$uid === auth.uid"
            }
        }
    }
}

Is there something equivalent while using 'secret'?


Solution

  • There is no equivalent. When you use the database secret, all your access to the database is completely unrestricted, and is not affected by security rules. It's effectively "root" access to your database - there is no auth and no uid. User-based security is only available to client code that's actually using Firebase Authentication to verify the identity of the user.
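
The difference the answer describes, as an added example that is not part of the original question or answer: a simplified JavaScript model of the write check for the rule above, showing that a per-device `auth.uid` restricts writes while the database secret skips the rules entirely. `canWrite`, `evalRule` and the credential shapes are hypothetical names for this sketch, not Firebase APIs, and the device ids are constructed.

```javascript
// Simplified model of Realtime Database write checks (not Firebase's code).
const rules = {
  rules: { users: { $uid: { ".write": "$uid === auth.uid" } } }
};

// Evaluate one rule expression with `auth` and the wildcard captures bound.
function evalRule(expr, auth, captures) {
  const names = Object.keys(captures);
  try {
    const fn = new Function("auth", ...names, `return (${expr});`);
    return fn(auth, ...names.map((n) => captures[n])) === true;
  } catch (e) {
    return false; // assumption of this model: an evaluation error denies
  }
}

// True when the node carries a .write rule that evaluates to true.
function grants(node, auth, captures) {
  return typeof node[".write"] === "string" &&
    evalRule(node[".write"], auth, captures);
}

// credential: {kind: "secret"} | {kind: "user", uid} | {kind: "anonymous"}
function canWrite(ruleset, path, credential) {
  // Database secret: administrative access, the rules are never consulted.
  if (credential.kind === "secret") return true;
  const auth = credential.kind === "user" ? { uid: credential.uid } : null;
  const captures = {};
  let node = ruleset.rules;
  if (grants(node, auth, captures)) return true;
  for (const segment of path.split("/").filter(Boolean)) {
    if (Object.prototype.hasOwnProperty.call(node, segment)) {
      node = node[segment];
    } else {
      const wildcard = Object.keys(node).find((k) => k.startsWith("$"));
      if (!wildcard) return false; // no rule covers this path: default deny
      captures[wildcard] = segment; // bind $uid to the actual path segment
      node = node[wildcard];
    }
    // A grant at this level also covers every deeper path.
    if (grants(node, auth, captures)) return true;
  }
  return false;
}

// Constructed device ids: esp-01 owns /users/esp-01, esp-02 does not.
console.log(canWrite(rules, "users/esp-01/temp", { kind: "user", uid: "esp-01" }));
console.log(canWrite(rules, "users/esp-01/temp", { kind: "user", uid: "esp-02" }));
console.log(canWrite(rules, "users/esp-01/temp", { kind: "secret" }));
```

In this model a device holding the secret can write to every other device's node, which is why the `$uid === auth.uid` rule gives no isolation between devices that share it.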