Write a small program that runs in GCP to crawl through user claims and validate that everyone has the correct claims. If someone every compromised a back-end API key they could use it to change their claims in firebase and access other user accounts. We can hope and wish that that never happens, but I'd also like to know if it did ahead of time.
Write a small program that runs in GCP to crawl through user claims and validate that everyone has the correct claims. If someone every compromised a back-end API key they could use it to change their claims in firebase and access other user accounts. We can hope and wish that that never happens, but I'd also like to know if it did ahead of time.