I am using Firebase Admin SDK from my development machine (Node.js/Fastify). So I am trying to do something like this:

Initialize Firebase App 👇:

import * as firebaseAdmin from 'firebase-admin'
import { applicationDefault } from 'firebase-admin/app'

firebaseAdmin.initializeApp({
  projectId: '<FIREBASE-PROJECT-ID>',
  credential: applicationDefault(),
})

export default firebaseAdmin

Then when using my “firebaseAdmin” (for example👇):

import firebaseAdmin from '../../../firebase-admin'
import { FastifyInstance, FastifyPluginAsync, FastifyReply, FastifyRequest } from 'fastify'
  

const myRoutes: FastifyPluginAsync<AppOptions> = async (fastify: FastifyInstance) => {
  
fastify.post<{ Body: { uid: string } }>(
   `/token`,
    async (request: FastifyRequest<{ Body: { uid: string } }>, reply: FastifyReply) => {
      const { uid } = request.body

      try {
        const customToken = await firebaseAdmin.auth().createCustomToken(uid)
        return reply.send({ token: customToken })
      } catch (error: unknown) {
        if (error instanceof Error) {
          app.log.error('Error creating custom token:', {
            name: error.name,
            stack: error.stack,
            message: error.message,
          })
          return reply
            .code(500)
            .send({ message: 'Failed to create token', error: error.message })
        } else {
          app.log.error('Unknown error creating custom token:', error)
          return reply
            .code(500)
            .send({ message: 'Failed to create token', error: 'Unknown error' })
        }
      }
    },
  )
})

export default myRoutes

Allways getting this error:

Failed to determine service account. Make sure to initialize the SDK with a service account credential. Alternatively specify a service account with iam.serviceAccounts.signBlob permission. Original error: Error: Error while making request: getaddrinfo ENOTFOUND metadata. Error code: ENOTFOUND

I know I’m not using a service account; if I were, I would just do something like this (which works perfectly):

import * as firebaseAdmin from 'firebase-admin'
import { applicationDefault } from 'firebase-admin/app'

const serviceAccountPath = '/path/to/my/service-account.json'

firebaseAdmin.initializeApp({
    credential: firebaseAdmin.credential.cert(serviceAccountPath),
})

export default firebaseAdmin

But, the thing is that I don’t want to use a service account. I want to use the ADC ( Application Default Credentials ) from gcloud located at:

~/.config/gcloud/application_default_credentials.json

I’m trying to understand why these credentials don’t have access to Firebase Auth. How can I make it work? Is it even possible?

This is what I tried:

• I installed the Firebase CLI and attempted to locate another default application credentials file, something like:

  ~/.config/firebase/application_default_credentials.json
  

  I intended to use that file to set the GOOGLE_APPLICATION_CREDENTIALS environment variable. However, I was not able to locate that file and I’m not even sure if it actually exists..

• I granted permissions as Firebase Authentication Admin, Editor and several others that I don’t remember. It didn’t work. It seems that it’s not a permissions issue.