I can’t find any Flutter documentation about how to use Google Service Account Authentication in a mobile app.

The point is to use Firestore Document Snapshot in a mobile app without prompting users for credentials. It must be Firestore Document Snapshot Listener NOT a Document Get Query because I need real-time data.

Most Flutter Firestore Document Snapshot demos are without service account authentication. Other authentication demos are based on Google user account credentials or third-party providers such as Facebook or GitHub, while I need app / service authentication.


Solution 1: Doug Stevenson

You're not supposed to use service accounts in web and mobile apps. Since a service account is highly privileged (and always bypasses security rules), it's not suitable for putting on end user devices in any form. It would be a huge security hole if a user's device contained a service account, no matter what you do to obscure that.

Service accounts are only intended for use with secure backend code. Don't try to do anything different, or you will open yourself up to a whole slew of security problems.

The only supported way of dealing with Firestore directly and securely through web and mobile apps is using Firebase Authentication. Yes, this involves making the user enter their credentials. That's a good thing - you don't want anyone to impersonate anyone else. You could look into anonymous authentication if you want to create user accounts without credentials.

If you really must perform some actions with a service account, directed by a web or mobile app, the app should connect to a backend through some API endpoint. The backend can then perform the operations. If you do this, bear in mind that now people can access the API endpoint to possibly compromise your system, and that API should be controlled by some form of auth (perhaps also Firebase Auth).
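The anonymous-authentication route mentioned in the answer above, as an added example that is not part of the original question or answer: the app signs in anonymously without prompting, then attaches a real-time snapshot listener that security rules can gate on `request.auth`. The document path `status/current`, the helper name `listenToDoc` and the rules in the comment are assumptions for illustration; anonymous sign-in must be enabled for the Firebase project, and the platform Firebase config files are assumed to be in place.

```dart
import 'dart:async';

import 'package:cloud_firestore/cloud_firestore.dart';
import 'package:firebase_auth/firebase_auth.dart';
import 'package:firebase_core/firebase_core.dart';
import 'package:flutter/foundation.dart';
import 'package:flutter/widgets.dart';

// Assumed Firestore security rules for the hypothetical `status` collection:
//   match /status/{docId} {
//     allow read: if request.auth != null;  // any signed-in user, incl. anonymous
//     allow write: if false;                // clients never write
//   }
// No service account key ships with the app; the rules decide what it can read.

/// Hypothetical helper: ensures an anonymous session exists, then subscribes
/// to real-time updates of the document at [path].
Future<StreamSubscription<DocumentSnapshot<Map<String, dynamic>>>> listenToDoc(
  String path,
  void Function(Map<String, dynamic>? data) onData,
) async {
  final auth = FirebaseAuth.instance;
  if (auth.currentUser == null) {
    // Creates a credential-less account; the session persists across restarts.
    await auth.signInAnonymously();
  }
  return FirebaseFirestore.instance.doc(path).snapshots().listen(
    // A missing document is reported as null rather than an empty map.
    (snap) => onData(snap.exists ? snap.data() : null),
    onError: (Object e) {
      // A rules rejection (permission-denied) arrives here, not as a throw.
      debugPrint('snapshot listener error: $e');
    },
  );
}

Future<void> main() async {
  WidgetsFlutterBinding.ensureInitialized();
  await Firebase.initializeApp();
  final sub = await listenToDoc(
    'status/current', // assumed document path
    (data) => debugPrint('update: $data'),
  );
  // Cancel when the owning widget or service is disposed:
  // await sub.cancel();
  debugPrint('listening, paused=${sub.isPaused}');
}
```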