---
title: Firebase Ayarlari
title_en: Firebase Settings
description_tr: Guncel CMS panelinden Firebase bildirim ayarlarini yonetme, VAPID, client ve Admin SDK alanlarini doldurma akisi.
description_en: Configure Firebase notification settings, manage VAPID, client, and Admin SDK fields, and save the integration from the current CMS panel.
order: 20
product: cms
section_tr: Security
section_en: Security
owner: CMS Operations Team
lastReviewed: 2026-04-01
productVersion: v1
status: live
cardImage: /img/cms/security/firebase-configuration/cms-security-firebase-poster.webp
---
# Firebase Settings

Use `Security > Firebase Settings` to manage Firebase credentials and control notification delivery from one screen.

<video src="/video/cms-security-firebase-configuration.mp4"></video>

## Current Panel Overview

The page shown in the video contains:

- a top `ON/OFF` toggle for Firebase integration
- VAPID configuration fields
- web app client configuration fields
- Admin SDK service account fields
- a `Save Configuration` button

## Main Sections

### 1. FCM VAPID Configuration

- `VAPID Private Key`

Source:
- Firebase Console > `Project Settings` > `Cloud Messaging` > Web Push certificates.

What to enter:
- Paste the Web Push `VAPID Private Key` exactly as generated by Firebase.
- Do not enter the public key in this field.
- This field is required if your website uses Firebase web push notifications.

### 2. Client-side Configuration

- `API Key`
- `Auth Domain`
- `Project ID`
- `Storage Bucket`
- `Messaging Sender ID`
- `App ID`
- `Measurement ID`

Source:
- Firebase Console > `Project Settings` > `General` > your web app config.

What to enter:
- `API Key`: paste the `apiKey` value from the Firebase web app config.
- `Auth Domain`: paste the `authDomain` value such as `project-id.firebaseapp.com`.
- `Project ID`: paste the Firebase project id exactly.
- `Storage Bucket`: paste the Firebase storage bucket value if your project uses it.
- `Messaging Sender ID`: paste the sender id used by Firebase Cloud Messaging.
- `App ID`: paste the full web app id from Firebase.
- `Measurement ID`: paste the analytics measurement id if your Firebase project includes it.

Important:
- `Project ID`, `Messaging Sender ID`, and `App ID` must belong to the same Firebase project.
- A mismatch between client-side values and Admin SDK values can break notification delivery.

### 3. Admin SDK Service Account Key

- `Type`
- `Project ID`
- `Private Key ID`
- `Client Email`
- `Client ID`
- `Token URI`
- `Auth URI`
- `Client X.509 Cert URL`
- `Auth Provider X.509 Cert URL`
- `Universe Domain`
- `Private Key`

Source:
- Firebase Console > `Project Settings` > `Service accounts` > `Generate new private key`.
- Copy values from the downloaded JSON into the matching CMS fields.

What to enter:
- `Type`: normally `service_account`
- `Project ID`: the same Firebase project id used above
- `Private Key ID`: copy from the service account JSON
- `Client Email`: paste the Firebase admin SDK service account email
- `Client ID`: paste the numeric client id from the JSON
- `Token URI`: usually `https://oauth2.googleapis.com/token`
- `Auth URI`: usually `https://accounts.google.com/o/oauth2/auth`
- `Client X.509 Cert URL`: paste the certificate URL from the JSON
- `Auth Provider X.509 Cert URL`: usually Google cert URL from the JSON
- `Universe Domain`: usually `googleapis.com`
- `Private Key`: paste the full private key block exactly as provided

Important:
- Keep line breaks intact when pasting `Private Key`.
- `Client Email` and `Private Key` are mandatory for server-side Firebase authentication.
- If you generate a new JSON key, update all related Admin SDK fields together.

## Setup Flow

1. Open `Security > Firebase Settings`.
2. Turn the Firebase toggle `ON` when you are ready to activate the integration.
3. Copy the `VAPID Private Key` from Firebase Cloud Messaging.
4. Copy the web app config values into the client-side section.
5. Generate a new service account JSON and map its values into the Admin SDK section.
6. Review all keys carefully, especially `Project ID`, `Client Email`, and `Private Key`.
7. Click `Save Configuration`.
8. Send a test notification to confirm delivery works correctly.

## Field Validation Tips

- If `VAPID Private Key` is missing, browser push registration can fail.
- If `Auth Domain` or `Project ID` is wrong, Firebase web app initialization can fail.
- If `Client Email` or `Private Key` is wrong, admin-side push delivery can fail.
- Save only after all required fields are filled for the same Firebase project.

## Update and Disable Flow

- To update Firebase credentials, edit the existing values and click `Save Configuration` again.
- To temporarily stop Firebase-based notifications, switch the toggle to `OFF` and save.
- After key rotation, update the page immediately so message delivery does not fail.

## Security Notes

- `Private Key` and other credentials are sensitive; limit access to authorized users only.
- Never expose these values in public docs or logs.
- Incorrect project values can break notification delivery.