Firebase Security Rules is comprised of a language and an API. Developers write rules in the
language, publish them via the API, and then submit requests to Firebase Security Rules-enabled
services. Services evaluate requests using the provided ruleset and determine whether the
requests should be permitted.
The following terms are used in this reference documentation.
Source: Domain-specific language containing rules scoped to a service
and path describing the conditions when a specific requestoperation may be permitted.
Ruleset: Persistent immutable copy Source content with a generated name.
Release: Named reference to a Ruleset, which makes the
Ruleset available for consumption and enforcement by Firebase Security
Rules-enabled services.
Service: firebaserules.googleapis.com
To call this service, we recommend that you use the Google-provided client libraries. If your application needs to use your own libraries to call this service, use the following information when you make the API requests.
Discovery document
A Discovery Document is a machine-readable specification for describing and consuming REST APIs. It is used to build client libraries, IDE plugins, and other tools that interact with Google APIs. One service may provide multiple discovery documents. This service provides the following discovery document:
A service endpoint is a base URL that specifies the network address of an API service. One service might have multiple service endpoints. This service has the following service endpoint and all URIs below are relative to this service endpoint:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2022-11-11 UTC."],[],[],null,["# Firebase Rules API\n\nCreates and manages rules that determine when a Firebase Security Rules-enabled service should permit a request.\n\n- [REST Resource: v1.projects](#v1.projects)\n- [REST Resource: v1.projects.releases](#v1.projects.releases)\n- [REST Resource: v1.projects.rulesets](#v1.projects.rulesets)\n\n| This reference documentation applies to managing Firebase Security Rules for Cloud Firestore and Cloud Storage for Firebase. For information about managing Firebase Realtime Database Security Rules, see [Managing\n| Firebase Realtime Database Rules using REST](//firebase.google.com/docs/database/rest/app-management).\n\n**For a description of the tools you can use to manage your Security Rules, including this\nREST API, see [Manage and deploy Firebase Security Rules](/docs/rules/manage-deploy).**\n| You can try out calling a Security Rules REST API method on live data using\n| the embedded API Explorer. This API Explorer allows you to see the API\n| request and response without leaving the API's reference documentation.\n|\n| Find the embedded explorer in the side-panel of each method's reference\n| page (click any method in the tables below).\n\nOverview\n--------\n\n\nFirebase Security Rules is comprised of a language and an API. Developers write rules in the\nlanguage, publish them via the API, and then submit requests to Firebase Security Rules-enabled\nservices. Services evaluate requests using the provided ruleset and determine whether the\nrequests should be permitted.\n\n\nThe following terms are used in this reference documentation.\n\n-\n `Source`: Domain-specific language containing rules scoped to a `service`\n and `path` describing the conditions when a specific `request`\n `operation` may be permitted.\n\n-\n `Ruleset`: Persistent immutable copy `Source` content with a generated name.\n\n-\n `Release`: Named reference to a `Ruleset`, which makes the\n `Ruleset` available for consumption and enforcement by Firebase Security\n Rules-enabled services.\n\nService: firebaserules.googleapis.com\n-------------------------------------\n\nTo call this service, we recommend that you use the Google-provided [client libraries](https://cloud.google.com/apis/docs/client-libraries-explained). If your application needs to use your own libraries to call this service, use the following information when you make the API requests.\n\n### Discovery document\n\nA [Discovery Document](https://developers.google.com/discovery/v1/reference/apis) is a machine-readable specification for describing and consuming REST APIs. It is used to build client libraries, IDE plugins, and other tools that interact with Google APIs. One service may provide multiple discovery documents. This service provides the following discovery document:\n\n- \u003chttps://firebaserules.googleapis.com/$discovery/rest?version=v1\u003e\n\n### Service endpoint\n\nA [service endpoint](https://cloud.google.com/apis/design/glossary#api_service_endpoint) is a base URL that specifies the network address of an API service. One service might have multiple service endpoints. This service has the following service endpoint and all URIs below are relative to this service endpoint:\n\n- `https://firebaserules.googleapis.com`\n\nREST Resource: [v1.projects](/docs/reference/rules/rest/v1/projects)\n--------------------------------------------------------------------\n\n| Methods ||\n|-----------------------------------------------------|------------------------------------------------------------------------------------------|\n| [test](/docs/reference/rules/rest/v1/projects/test) | `POST /v1/{name=projects/**}:test` Test `Source` for syntactic and semantic correctness. |\n\nREST Resource: [v1.projects.releases](/docs/reference/rules/rest/v1/projects.releases)\n--------------------------------------------------------------------------------------\n\n| Methods ||\n|--------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------|\n| [create](/docs/reference/rules/rest/v1/projects.releases/create) | `POST /v1/{name=projects/*}/releases` Create a `Release`. |\n| [delete](/docs/reference/rules/rest/v1/projects.releases/delete) | `DELETE /v1/{name=projects/*/releases/**}` Delete a `Release` by resource name. |\n| [get](/docs/reference/rules/rest/v1/projects.releases/get) | `GET /v1/{name=projects/*/releases/**}` Get a `Release` by name. |\n| [getExecutable](/docs/reference/rules/rest/v1/projects.releases/getExecutable) | `GET /v1/{name=projects/*/releases/**}:getExecutable` Get the `Release` executable to use when enforcing rules. |\n| [list](/docs/reference/rules/rest/v1/projects.releases/list) | `GET /v1/{name=projects/*}/releases` List the `Release` values for a project. |\n| [patch](/docs/reference/rules/rest/v1/projects.releases/patch) | `PATCH /v1/{name=projects/*/releases/**}` Update a `Release` via PATCH. |\n\nREST Resource: [v1.projects.rulesets](/docs/reference/rules/rest/v1/projects.rulesets)\n--------------------------------------------------------------------------------------\n\n| Methods ||\n|------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|\n| [create](/docs/reference/rules/rest/v1/projects.rulesets/create) | `POST /v1/{name=projects/*}/rulesets` Create a `Ruleset` from `Source`. |\n| [delete](/docs/reference/rules/rest/v1/projects.rulesets/delete) | `DELETE /v1/{name=projects/*/rulesets/*}` Delete a `Ruleset` by resource name. |\n| [get](/docs/reference/rules/rest/v1/projects.rulesets/get) | `GET /v1/{name=projects/*/rulesets/*}` Get a `Ruleset` by name including the full `Source` contents. |\n| [list](/docs/reference/rules/rest/v1/projects.rulesets/list) | `GET /v1/{name=projects/*}/rulesets` List `Ruleset` metadata only and optionally filter the results by `Ruleset` name. |"]]