Security

Security

We take security very seriously, that's why we developed Firefoo as a standalone desktop application. This ensures that all Firestore data will stay on your computer and only ever be sent to Google, never to us or any third party.

Storage location for application state

On closing Firefoo, it saves its state to your computer, this includes Google account tokens and service account keys. This brings great convenience as you don't have to load your keys after every launch. However if you want to remove all of Firefoo's data from your computer you have to delete its local storage manually. To do this on your platform, delete the following directory:

Windows

%APPDATA%\Firefoo, e.g. C:\Users\john\AppData\Roaming\Firefoo

macOS

$HOME/Library/Application Support/Firefoo, e.g. /Users/john/Library/Application Support/Firefoo

Linux

$HOME/.config/Firefoo, e.g. /home/john/.config/Firefoo

Login with a Google Account

There are two ways to access a project in Firefoo. You can login via OAuth with your Google account. This allows Firefoo to access your Firebase projects. If you login with your Google account, Firefoo needs and therefore requests the following permissions:
  • See, edit, configure and delete your Google Cloud Platform data
  • View and administer all your Firebase data and settings
  • View your Cloud Platform projects

Use a service account

Alternatively you can use a service account key to add a project to Firefoo individually. These keys grant full admin access to your project.

Miscellaneous

Firefoo will only ever contact our server at api.firefoo.app to check for an update and the license validity.