In Firebase Authentication, what is the main effect of linking multiple providers (like Google and Facebook) to a single user account?
Think about how linking providers affects user sign-in options.
Linking multiple providers allows a user to sign in with any linked provider but access the same Firebase user account and data.
Given an authenticated Firebase user, which method correctly links a new OAuth provider credential to their account?
const credential = firebase.auth.GoogleAuthProvider.credential(idToken); // User is already signed in // Which method links the credential to the user?
Check the Firebase user object methods for linking credentials.
The method linkWithCredential on the current user links a new provider credential to that user.
You want to store user profile data in Firestore for users who sign in with multiple linked providers. What is the best practice for structuring this data?
Consider how Firebase UID relates to user identity across providers.
Firebase UID is unique per user regardless of linked providers. Storing one document per UID with provider info nested avoids duplication and keeps data consistent.
When linking multiple providers to a Firebase user, what risk occurs if you do not verify that the email addresses from providers match and are verified?
Think about what happens if two accounts share the same email but are not verified.
If emails are not verified before linking, an attacker could link their account with the victim's email and access the victim's Firebase user data.
After unlinking a provider from a Firebase user who has multiple linked providers, what is the state of the user account?
Consider what unlinking a provider means for the user's authentication options.
Unlinking removes one provider but the user account remains active and signed in if other providers are linked.