Phone authentication with reCAPTCHA should use the web recaptcha key instead of the ios key

[cedvdb]

Description

As per this issue an api key must be unrestricted (which imo should not be acceptable) in order to use phone authentication on a simulator. Unrestricted in this scenario means that the api key must be allowed on any platform to not encounter an error of the sort: Requests from this iOS client application <empty> are blocked..

Firebase ios sdk should allow another api key (web recaptcha key) to be used by the recaptcha flow, which is its intended use case. This would allow to restrict the ios api key for ios only and use a recaptcha key for recaptcha flows.

Related:

• https://github.com/firebase/firebase-ios-sdk/issues/11287
• https://github.com/firebase/firebase-ios-sdk/issues/7653

Reproducing the issue

Restricting firebase API key on the google cloud console for the app's bundle identifier and try the reCAPTCHA authentication flow.

Firebase SDK Version

10.9

Xcode Version

14.3

Installation Method

CocoaPods

Firebase Product(s)

Authentication

Targeted Platforms

iOS

Relevant Log Output

No response

If using Swift Package Manager, the project's Package.resolved

No response

If using CocoaPods, the project's Podfile.lock

No response

[google-oss-bot]

I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.