react-nativeclientaccountgoogle-2fa

How do developers handle 3rd party account creations for their clients?


As an ios/android app developer, my pain point is having clients sign up for the various 3rd party accounts needed for their app to work (e.g. google cloud, mapbox, firebase, etc.), however with 2-factor authentication (2fa) being a requirement on most accounts, it makes it difficult to get into these accounts easily as the developer (since 2fa requires a code being sent to the client which must be entered in a limited time period).

Has anyone found an easy solution for working with 3rd party accounts for their clients especially when 2fa is being used?


Solution

  • Well, at least Google Cloud and Firebase in this case have the option to add additional users under a given role. In this case you would likely want the client to be Owner of the project, and ask them to invite you as a developer, this way you can sign in with your own Google account (either gmail or your personal if you use google workspace), hence bypassing the need for 2FA. In general, there are things that you don't really want access to as developer, such as billing information, so it makes sense to ask for limited access. Both Firebase and GCP have predefined roles for this, you can do some research on them to find out which makes the most sense for you and advice your client. Read more about the roles here:

    GCP: https://cloud.google.com/iam/docs/understanding-roles Firebase: https://firebase.google.com/docs/projects/iam/roles

    Side note: If you are working as a freelancer, I would recommend to never create accounts for your clients, if you are working with specific service, ask your client to setup the account (this will primarily protect you, if the client backs out or the server costs for development build up if the project is taking long time to finish)