docs(firestore-semantic-search): correct App Check and Auth claims for query function#1104
Open
cabljac wants to merge 1 commit into
Open
docs(firestore-semantic-search): correct App Check and Auth claims for query function#1104cabljac wants to merge 1 commit into
cabljac wants to merge 1 commit into
Conversation
The query Callable Function docs stated the endpoint was protected by App Check and required a signed-in Firebase Auth user. Neither is enforced: the function is registered as a plain onCall handler with no App Check enforcement and the handler never inspects the auth context. Update PREINSTALL, README, and POSTINSTALL to describe the actual behaviour - the function is callable by any client, only ever returns document IDs (so Firestore Security Rules still protect document contents), and developers who need to restrict access should enable App Check enforcement and/or add their own auth checks. Fixes #686
f1963f8 to
81e1485
Compare
CorieW
reviewed
Jul 2, 2026
| ## Example client integration | ||
|
|
||
| Now that you have an index with data in it, you can run text similarity search queries directly from your client application. Note that this Callable Function is protected by App Check and requires that you are signed in with a [Firebase Auth](https://firebase.google.com/docs/auth) call the Function from your client application. | ||
| Now that you have an index with data in it, you can run text similarity search queries directly from your client application. Note that this Callable Function does not enforce [App Check](https://firebase.google.com/docs/app-check) or [Firebase Auth](https://firebase.google.com/docs/auth) by default, so any client with your Firebase project configuration is able to call it. The function only ever returns document IDs (never document contents), so your Firestore Security Rules continue to govern access to the underlying documents. If you need to restrict access to the query function itself, enable App Check enforcement and/or add your own authentication checks. |
Collaborator
There was a problem hiding this comment.
What if instead of declaring that it's not enforced, we just remove the text saying that it is enforced? The changelog can reflect the clarification. Outside of that, users wouldn't automatically assume that it is enforced, so it doesn't seem relevant to document that it's not enforced.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes #686.
The
firestore-semantic-searchdocs claimed the query Callable Function was "protected by App Check" and "requires that you are signed in with a Firebase Auth user". Neither is true:queryIndexis registered as a plainfunctions.https.onCall(queryIndexHandler)with no App Check enforcement (enforceAppCheck/runWith).queryIndexHandler(data)never inspects the auth context, so no Firebase Auth is required either.This corrects the documentation to describe the actual behaviour rather than changing the function itself.
Changes
PREINSTALL.md/README.md: replace the "requires a signed-in Firebase Auth user" claim with an accurate description - the function does not enforce Auth or App Check by default, only ever returns document IDs (so Firestore Security Rules still protect document contents), and developers who want to lock down the endpoint should enable App Check enforcement and/or add their own auth checks.POSTINSTALL.md: same correction to the "Example client integration" note.0.1.11and added a CHANGELOG entry.Notes
Scope is documentation only. Adding actual App Check / Auth enforcement to the callable would be a behavioural change and is left for a separate discussion. The related
firestore-vector-searchextension makes no App Check claim in its docs, so no correction was needed there.