Is there a way to add security rules that apply to admin in Firebase?

Question

Does anyone know how to enforce security rules in Firebase on writes performed by the admin server?

E.g.:

userDetail: { \".validate\" : //some security rule b

Answer 1

You cannot write security rules that apply to requests that have an administrative privileges access level – which is the default for service account authentication. Security is completely disabled then, including validation rules.

But this does not mean that you can't have your servers in check. Change the server to authenticate with limited privileges. In both Node and Java, the keyword is databaseAuthVariableOverride.

See also the Admin SDK setup documentation.