Firebase Settings
Use Security > Firebase Settings to manage Firebase credentials and control notification delivery from one screen.
Current Panel Overview
The page shown in the video contains:
- a top
ON/OFFtoggle for Firebase integration - VAPID configuration fields
- web app client configuration fields
- Admin SDK service account fields
- a
Save Configurationbutton
Main Sections
1. FCM VAPID Configuration
VAPID Private Key
Source:
- Firebase Console >
Project Settings>Cloud Messaging> Web Push certificates.
What to enter:
- Paste the Web Push
VAPID Private Keyexactly as generated by Firebase. - Do not enter the public key in this field.
- This field is required if your website uses Firebase web push notifications.
2. Client-side Configuration
API KeyAuth DomainProject IDStorage BucketMessaging Sender IDApp IDMeasurement ID
Source:
- Firebase Console >
Project Settings>General> your web app config.
What to enter:
API Key: paste theapiKeyvalue from the Firebase web app config.Auth Domain: paste theauthDomainvalue such asproject-id.firebaseapp.com.Project ID: paste the Firebase project id exactly.Storage Bucket: paste the Firebase storage bucket value if your project uses it.Messaging Sender ID: paste the sender id used by Firebase Cloud Messaging.App ID: paste the full web app id from Firebase.Measurement ID: paste the analytics measurement id if your Firebase project includes it.
Important:
Project ID,Messaging Sender ID, andApp IDmust belong to the same Firebase project.- A mismatch between client-side values and Admin SDK values can break notification delivery.
3. Admin SDK Service Account Key
TypeProject IDPrivate Key IDClient EmailClient IDToken URIAuth URIClient X.509 Cert URLAuth Provider X.509 Cert URLUniverse DomainPrivate Key
Source:
- Firebase Console >
Project Settings>Service accounts>Generate new private key. - Copy values from the downloaded JSON into the matching CMS fields.
What to enter:
Type: normallyservice_accountProject ID: the same Firebase project id used abovePrivate Key ID: copy from the service account JSONClient Email: paste the Firebase admin SDK service account emailClient ID: paste the numeric client id from the JSONToken URI: usuallyhttps://oauth2.googleapis.com/tokenAuth URI: usuallyhttps://accounts.google.com/o/oauth2/authClient X.509 Cert URL: paste the certificate URL from the JSONAuth Provider X.509 Cert URL: usually Google cert URL from the JSONUniverse Domain: usuallygoogleapis.comPrivate Key: paste the full private key block exactly as provided
Important:
- Keep line breaks intact when pasting
Private Key. Client EmailandPrivate Keyare mandatory for server-side Firebase authentication.- If you generate a new JSON key, update all related Admin SDK fields together.
Setup Flow
- Open
Security > Firebase Settings. - Turn the Firebase toggle
ONwhen you are ready to activate the integration. - Copy the
VAPID Private Keyfrom Firebase Cloud Messaging. - Copy the web app config values into the client-side section.
- Generate a new service account JSON and map its values into the Admin SDK section.
- Review all keys carefully, especially
Project ID,Client Email, andPrivate Key. - Click
Save Configuration. - Send a test notification to confirm delivery works correctly.
Field Validation Tips
- If
VAPID Private Keyis missing, browser push registration can fail. - If
Auth DomainorProject IDis wrong, Firebase web app initialization can fail. - If
Client EmailorPrivate Keyis wrong, admin-side push delivery can fail. - Save only after all required fields are filled for the same Firebase project.
Update and Disable Flow
- To update Firebase credentials, edit the existing values and click
Save Configurationagain. - To temporarily stop Firebase-based notifications, switch the toggle to
OFFand save. - After key rotation, update the page immediately so message delivery does not fail.
Security Notes
Private Keyand other credentials are sensitive; limit access to authorized users only.- Never expose these values in public docs or logs.
- Incorrect project values can break notification delivery.