Search code examples
node.jsgoogle-cloud-platformmulti-tenantfirebase-admin

How to manage tenants programatically in Google Cloud Platform

I am writing a backend service to manage my tenants in gcp. Specifically, I’d like to be able to create/delete and list tenants, on my node server.

The Firebase admin-sdk should enable me to do so. When I try to run it I get this error:

Credential implementation provided to initializeApp() via the "credential" property failed to fetch a valid Google OAuth2 access token with the following error: "Error fetching access token: Error while making request: getaddrinfo ENOTFOUND metadata.google.internal. Error code: ENOTFOUND".

I followed this documentation to set up install the admin sdk. (tried windows and linux, using an environment variable) I used this documentation (Getting an existing tenant)

This is my code:

var admin = require('firebase-admin');
var app = admin.initializeApp({
    credential: admin.credential.applicationDefault(),
    projectId: 'myProject'
});
admin.auth().tenantManager().getTenant("myTenant")
    .then((tenant) => {
        console.log(tenant.toJSON());
    })
    .catch((error) => {
        // Handle error.
        console.log(error.message)
    });


const someOtherStuff = () =>...

module.exports = {
    someOtherStuff
}

Edit: I am running this code locally on a node server with Express. I am using a Windows computer and a Linux computer. The result is the same on both systems.

Solution

  • I was able to work around the problem by changing the initialization. Instead of using environment variables, I used the service account key file directly, as described here

    Some sample code of how I use it:

    var admin = require('firebase-admin');
var {getAuth} = require('firebase-admin/auth');
var serviceAccount = require('/path/to/serviceAccountKey.json');

// Initialize the default app using seriveAccount instead of environment variables
var app = admin.initializeApp({
    credential: admin.credential.cert(serviceAccount)
});
   

const createTenant = async (tenantName) => getAuth(app).tenantManager().createTenant({
    displayName: tenantName,
    emailSignInConfig: {
        enabled: true,
        passwordRequired: true, // Email link sign-in enabled.
    }
}).then((createdTenant) => {
    return createdTenant.toJSON();
}).catch((error) => {
    console.log("tenant could not be created. " + error.message);
});

//some other stuff...

module.exports = {
    createTenant,
    someOtherStuff,
}