Hangarx

Authentication

Sprout uses Firebase Authentication v9+ (Modular SDK) for secure user management with multiple authentication methods.

Authentication Methods

  • Email/Password
  • Google OAuth 2.0
  • GitHub OAuth
  • Magic Link (passwordless)
  • SAML SSO (Enterprise)

Security Model

JWT Token Validation

Custom middleware validates Firebase JWT on every API request
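
An added example (not Sprout's own middleware) of what validating a Firebase ID token on each request involves: pinned algorithm, signature, audience, issuer, expiry and subject checks, wrapped in an Express-style middleware. The project ID `sprout-demo`, the function names and the throwaway key pair are assumptions constructed for the demonstration; a production service would normally call the Firebase Admin SDK's `verifyIdToken` instead.

```javascript
const crypto = require('node:crypto');
const b64urlJson = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));
// Checks Firebase documents for verifying an ID token without the Admin SDK.
// `keys` maps kid -> public key (assumption: the caller fetches and caches Google's certs).
function verifyFirebaseIdToken(token, projectId, keys, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, sig] = parts;
  const header = b64urlJson(h);
  // Pin the algorithm: the token never gets to choose it (rejects alg=none, HS256).
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const key = Object.prototype.hasOwnProperty.call(keys, header.kid) ? keys[header.kid] : null;
  if (!key) throw new Error('unknown kid');
  const ok = crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), key, Buffer.from(sig, 'base64url'));
  if (!ok) throw new Error('bad signature');
  const c = b64urlJson(p);
  if (c.aud !== projectId) throw new Error('wrong audience');
  if (c.iss !== `https://securetoken.google.com/${projectId}`) throw new Error('wrong issuer');
  if (typeof c.exp !== 'number' || c.exp <= nowSec) throw new Error('expired');
  if (typeof c.iat !== 'number' || c.iat > nowSec) throw new Error('issued in the future');
  if (typeof c.sub !== 'string' || c.sub === '') throw new Error('missing sub');
  return c;
}

// Express-style middleware (hypothetical wiring): any failure is a bare 401.
function requireFirebaseAuth(projectId, keys) {
  return (req, res, next) => {
    const m = /^Bearer ([\w-]+\.[\w-]+\.[\w-]+)$/.exec(req.headers.authorization || '');
    try {
      if (!m) throw new Error('missing bearer token');
      req.user = verifyFirebaseIdToken(m[1], projectId, keys);
    } catch (_) {
      res.statusCode = 401;
      return res.end('Unauthorized');
    }
    next();
  };
}

// Constructed sample: throwaway key pair and token, for demonstration only.
function makeSample(projectId, overrides = {}, nowSec = Math.floor(Date.now() / 1000)) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  const claims = { aud: projectId, iss: `https://securetoken.google.com/${projectId}`,
    sub: 'uid-123', iat: nowSec - 10, exp: nowSec + 3600, ...overrides };
  const signed = `${enc({ alg: 'RS256', kid: 'k1', typ: 'JWT' })}.${enc(claims)}`;
  const sig = crypto.sign('RSA-SHA256', Buffer.from(signed), privateKey).toString('base64url');
  return { token: `${signed}.${sig}`, keys: { k1: publicKey } };
}
```

The audience and issuer checks are what stop a validly signed token minted for a different Firebase project from being accepted here.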

Session Management

Server-side session tokens with automatic refresh before expiry

Role-Based Access Control (RBAC)

  • Free Tier: Basic features, rate limits
  • Pro Tier: Enhanced limits, priority processing
  • Enterprise: Unlimited, dedicated infrastructure

User Flow

1. Sign-up/Sign-in: Modal-based authentication UI
2. Token Management: Automatic refresh before expiry
3. Protected Routes: All API endpoints require valid Firebase JWT
4. User Metadata: Stored in Firestore with subscription status

Firestore Schema

users/{userId}:
  - email: string
  - subscriptionId: string
  - plan: 'free' | 'pro' | 'enterprise'
  - createdAt: timestamp
  - usage: {
      monthlyRequests: number,
      lastReset: timestamp
    }
  - apiKeys: array<string> // For programmatic access