firebase-admin-node: secretOrPrivateKey must be an asymmetric key when using RS256

  • Operating System version: Ubuntu 22.10
  • Firebase SDK version: 11.3.0
  • Firebase Product: auth
  • Node.js version: 16.13.2
  • NPM version: 8.19.2

[REQUIRED] Step 3: Describe the problem

I am using Firebase-Admin on a NestJs API, build with NX ; my API is using Admin SDK to create and manage users. For that, I am using the method auth.createUser({email, password}), but Firebase throws an error, ONLY FOR THE FIRST CALL :

secretOrPrivateKey must be an asymmetric key when using RS256

I know my private key is readed right, and most of all, only the first call to createUser returns error ; other calls are working great… So I ended up putting a call with fake datas right after the initialization of Firebase, to be able to use it in other parts of my app, but it doesn’t seem so terrible…! I can’t find any other people having the same issue, really weird.

Any idea ?

About this issue

  • Original URL
  • State: open
  • Created a year ago
  • Comments: 31 (1 by maintainers)

Most upvoted comments

I solved it as follows

import admin from 'firebase-admin'

const {
  FIREBASE_PROJECT_ID = '',
  FIREBASE_PRIVATE_KEY = '',
  FIREBASE_CLIENT_EMAIL = '',
} = process.env

class Firebase {
  public init() {
    return admin.initializeApp({
      credential: admin.credential.cert({
        projectId: FIREBASE_PROJECT_ID,
        clientEmail: FIREBASE_CLIENT_EMAIL,
        privateKey: FIREBASE_PRIVATE_KEY.replace(/\\n/g, '\n'),
      }),
    })
  }
}

export default Firebase

my env : FIREBASE_PRIVATE_KEY=-----BEGIN PRIVATE KEY-----\n<YOUR_PRIVATE_KEY>\n-----END PRIVATE KEY-----\n

the private key I used exactly as in the example, without quotes.

@jdutheil Found a solution for you, upgrade your node version to 18 !, I was shocked it worked

maybe I’m too late for the party, in my case I had a extra comma , after the key that somehow messed up my .env file

before `FIREBASE_SA_PRIVATE_KEY=“-----BEGIN PR…0k\n-----END PRIVATE KEY-----\n”,

after `FIREBASE_SA_PRIVATE_KEY=“-----BEGIN PR…0k\n-----END PRIVATE KEY-----\n”

@x1c0 you saved my life

Having the same issue in Deno tried all the solutions about , any of you had any luck ?

It also worked in NodeJS 16.19.0 😄 Not worked in 16.15.0 .

I can confirm updating node to 18 fixed the problem. I was running v16.14.2 and once I updated to v18.18.0 everything worked as expected.

I got the same issue Error: secretOrPrivateKey must be an asymmetric key when using RS256 when trying to use firebase-admin. My firebase private key is an environment variable and used in the initializeApp function from firebase-admin. Was able to fix the error by:

  • Wrap the firebase private key environment variable inside single quotes + double quotes like so:

FIREBASE_PRIVATE_KEY='"-----BEGIN PRIVATE KEY-----\n<the key goes here>\n-----END PRIVATE KEY-----\n"'

  • Use JSON.parse() when reading the env variable and initializing the app:
app = initializeApp({
    credential: cert({
      privateKey: JSON.parse(process.env.FIREBASE_PRIVATE_KEY as string),
      clientEmail: process.env.FB_CLIENT_EMAIL,
      projectId: process.env.FB_PROJECT_ID,
    }),
  });

Still the same error for me. Here’s my code: ` const admin = require(“firebase-admin”); require(‘dotenv’).config();

admin.initializeApp({ credential: admin.credential.cert({ projectId: process.env.FIREBASE_PROJECT_ID, clientEmail: process.env.FIREBASE_CLIENT_EMAIL, privateKey: process.env.FIREBASE_PRIVATE_KEY.replace(/\n/g, “\n”), }), });

admin.auth().getUser(“kFC1nrE51YSIDdwY9gYWvyZxKtX2”); ` And in my env file: image Still getting the same error : secretOrPrivateKey must be an asymmetric key when using RS256

I was stuck in this problem, and the solution for me was generate de key using the key size as 2048 with algorithm:RS256

I got the same issue while generating jsonWebToken. I solved it as follow

const crypto = require('crypto') const cert = fs.readFileSync('./key.pem', 'utf8') const privateKey = crypto.createPrivateKey({key : cert, passphrase:'pass'}) ...

The generated privateKey will be asymmetric.

I just started getting this issue, but I’m running windows and Node v18.15.0 when calling getAuth().getUser(uid). Any updates on this? I know it might not be a Firebase issue but I’m not sure where to troubleshoot next.

I don’t use Firebase but I’m facing this issue currently. Resolved to ditching Passport entirely and writing my own authentication guards myself. Sigh.

I have the same problem and none of the suggestions above worked for me

Since the original issue was encountered in NestJs API, built with NX, @jdutheil: does replacing the /n per https://github.com/firebase/firebase-admin-node/issues/2051#issuecomment-1402448454 (privateKey: FIREBASE_PRIVATE_KEY.replace(/\\n/g, '\n'),)work for you?

If not, could you provide us with a minimal repro or a complete code sample to reproduce the issue in NestJs API? Thanks.