Firebase Auth is no longer working in incognito mode
Problem
[REQUIRED] Describe your environment Operating System version: Windows 10 Browser version: Version 81.0.4044.129 (Official Build) (64-bit) Firebase SDK version: 7.13.1 Firebase Product: auth [REQUIRED] Describe the problem Multiple of our users has reported, they are no longer able to login and use our product... After some investigation, it seems to happen for all the users, which accesses our platform in incognito mode. It seems to no longer be possible to use the firebase auth SDK in Google Incognito mode. The exact same users can log in with the exact same credentials or SSO integrations through firebase in non-incognito. Steps to reproduce: If users try to use firebase authentication on our platform in incognito mode, the error: `{code: "auth/web-storage-unsupported", message: "This browser is not supported or 3rd party cookies and data may be disabled.", a: null}` is thrown from the SDK. I believe it potentially can be an issue in a newer Chrome update, as I know Google has been experimenting with having Chrome block 3rd Party Cookies (I believe they experimented with it in version 83 of Chrome, which I am not using though).
Error Output
error:
`{code: "auth/web-storage-unsupported", message: "This browser is not supported or 3rd party cookies and data may be disabled.", a: null}`
Unverified for your environment
Select your OS to check compatibility.
1 Fix
Implement Firebase Auth Fallback for Incognito Mode
The error occurs because Firebase Auth relies on web storage (localStorage/sessionStorage) for maintaining user sessions, which is not available in incognito mode due to browser restrictions on third-party cookies and data. This is particularly relevant in recent Chrome updates where third-party cookies may be blocked by default.
Awaiting Verification
Be the first to verify this fix
- 1
Detect Incognito Mode
Implement a function to detect if the user is in incognito mode. This will allow you to provide an alternative authentication method or inform the user about the limitations.
javascriptfunction isIncognito() { return new Promise((resolve) => { const fs = window.RequestFileSystem || window.webkitRequestFileSystem; if (!fs) { resolve(false); } else { fs(window.TEMPORARY, 100, () => resolve(false), () => resolve(true)); } }); } - 2
Provide User Feedback
If the user is detected to be in incognito mode, display a message informing them that Firebase Auth may not work correctly and suggest switching to normal mode for a better experience.
javascriptif (await isIncognito()) { alert('Firebase authentication may not work in incognito mode. Please switch to normal browsing mode.'); } - 3
Implement Alternative Authentication Method
Consider implementing an alternative authentication method (like email/password) that does not rely on web storage. This could be a temporary workaround for users in incognito mode.
javascriptfirebase.auth().signInWithEmailAndPassword(email, password) .then((userCredential) => { // Signed in const user = userCredential.user; }) .catch((error) => { console.error('Error signing in:', error); }); - 4
Update Documentation
Update your user documentation to inform users about the limitations of using Firebase Auth in incognito mode and provide guidance on how to log in successfully.
N/AN/A
Validation
To confirm the fix worked, test the authentication flow in both normal and incognito modes. Ensure that users in incognito mode receive the appropriate feedback and can still authenticate using the alternative method if implemented.
Sign in to verify this fix
Environment
Submitted by
Alex Chen
2450 rep