You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/auth/phone-auth.md
+52Lines changed: 52 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -26,12 +26,64 @@ Before starting with Phone Authentication, ensure you have followed these steps:
26
26
your APNs authentication key is [configured with Firebase Cloud Messaging (FCM)](/docs/cloud-messaging/ios/certs). Additionally, you must
27
27
[enable background modes](https://help.apple.com/xcode/mac/current/#/deve49d0ba96) for remote notifications.
28
28
To view an in-depth explanation of this step, view the [Firebase iOS Phone Auth](/docs/auth/ios/phone-auth) documentation.
29
+
If verification fails with **`recaptcha-sdk-not-linked`** (*The reCAPTCHA SDK is not linked to your app*), see
30
+
[iOS: reCAPTCHA SDK and Identity Platform](#ios-recaptcha-sdk-and-identity-platform).
29
31
4.**Web**: Ensure that you have added your applications domain on the [Firebase console](https://console.firebase.google.com/), under
30
32
**OAuth redirect domains**.
31
33
32
34
**Note**; Phone number sign-in is only available for use on real devices and the web. To test your authentication flow on device emulators,
33
35
please see [Testing](#testing).
34
36
37
+
## iOS: reCAPTCHA SDK and Identity Platform
38
+
39
+
On **iOS**, phone sign-in can fail with `FirebaseAuthException` code **`recaptcha-sdk-not-linked`** (for example: *The reCAPTCHA SDK is not linked to your app*).
40
+
That error is raised by the **native Firebase iOS Auth** SDK when your Firebase / **Identity Platform** configuration expects **reCAPTCHA Enterprise**
41
+
for SMS-related verification, but the **reCAPTCHA Enterprise iOS SDK** is not linked in your Xcode project.
42
+
43
+
The `firebase_auth` plugin does not inject a reCAPTCHA client from Dart—you must fix this in **native iOS** setup or in **Google Cloud / Firebase** configuration.
44
+
45
+
### Recommended: Link reCAPTCHA Enterprise on iOS
46
+
47
+
Add the **reCAPTCHA Enterprise** client to your app using Google’s guide:
48
+
[Instrument your iOS app with reCAPTCHA Enterprise](https://cloud.google.com/recaptcha-enterprise/docs/instrument-ios-apps)
49
+
(CocoaPods or Swift Package Manager), so Firebase Auth can satisfy the Enterprise requirement.
If the SDK uses a **Safari view controller**-hosted challenge instead of the Enterprise SDK, your app must handle the **return URL**
54
+
(for example with **`uni_links`** / **`app_links`**, or **`onOpenUrl`** / **`application:openURL:`** in the iOS runner), following standard
55
+
Flutter + Firebase iOS setup for OAuth-style callbacks.
56
+
57
+
### When you don’t need reCAPTCHA Enterprise for phone auth
58
+
59
+
[Google’s guide to reCAPTCHA SMS defense](https://cloud.google.com/identity-platform/docs/recaptcha-tfp) describes an **optional** Identity Platform
60
+
feature that depends on the **reCAPTCHA Enterprise API** and (on iOS) linking the [reCAPTCHA Enterprise client](https://cloud.google.com/recaptcha-enterprise/docs/instrument-ios-apps).
61
+
Standard Firebase phone authentication often **does not** require that flow—turning **reCAPTCHA Enterprise** on in Firebase / Google Cloud without also
62
+
shipping the native SDK can surface **`recaptcha-sdk-not-linked`**.
To **disable** reCAPTCHA SMS defense (for example when you cannot or won’t link the Enterprise SDK), Google documents a **`projects.updateConfig`** call
67
+
on **`projects/{project_id}/config`** with **`updateMask=recaptchaConfig`** and:
The Firebase Authentication SDK for Flutter provides two individual ways to sign a user in with their phone number. Native (e.g. Android & iOS) platforms provide
0 commit comments