I am trying to build an application that uses Identity Platform to handle user authentication. I am also building functionality into Cloud Functions that needs to be triggered by user actions in the application.
From an authentication/permissions standpoint, should I be opening up my Cloud Function to any and all traffic (not requiring IAM auth) and then doing verification of the user’s auth via Identity Platform from within the function?
Best answer by malamin
View original