What are some of the things that we will need to do to use a custom authentication provider. We are going to use Firebase.
It seems like an odd request. So your users are stored in Firebase, but the data is in Backendless? Why not storing the users in Backendless as well?
I would assume that we would still need to store the users in Backendless, so that we can secure the data stored in backendless. But the user authentication and token management, would be handled by another service provider.
Other Authentication providers support more identity providers and their social login SDK are very good.
Yes, you’d need to store users in Backendless and in order to take advantage of user authentication and token management, you’d need to authenticate against the data stored in Backendless. Otherwise, if you authenticate against some other security domain, Backendless would not know that the user is who they say they are.
So, after the user is authenticated using Firebase, how do I authorize the user in backendless?
User authorization in Backendless happens automatically when a valid user-token is attached to an API request. The user-token can be obtained through the Login API request.
That said, in order to authorize a user (grant/reject permissions that belong to him) in Backendless, it would need to be authenticated in Backendless first.