Google.Cloud.Firestore can view any collection or document regardless of security rules

@LeXa777 If you intend to play with Firestore from a .NET application from an user account, this is what you need:

• Create an user account in Firebase (Firebase Console > Authentication). Make sure Email/Password authentication provider is enable (you can enable it from the “Sign-in method” tab).
• From your C# code, authenticate to Firebase using either REST calls or an external library. I would suggest you to use FirebaseAuthentication.net. You can get it from nuget. The GitHub repository is here. This is not an official Firebase library.
• Create a custom authentication mechanism for FirstoreDb using the user authentication token and refresh token obtained from the previous step.

I will give you an example. But before that, keep in mind that this Firestore .NET SDK is designed for server-side use. I have been using it for .NET client-side applications (WPF, Win Forms, Xamarin) for pretty a much a year, and I can tell from my experience that it works just fine for client applications too. But it is NOT officially supported, and it misses many client-side features that other official Firestore SDKs provide.

public FirestoreDb CreateFirestoreDbWithEmailAuthentication(string emailAddress, string password, string firebaseApiKey, string firebaseProjectId)
        {
            // Create a custom authentication mechanism for Email/Password authentication
            // If the authentication is successful, we will get back the current authentication token and the refresh token
            // The authentication expires every hour, so we need to use the obtained refresh token to obtain a new authentication token as the previous one expires
            var authProvider = new FirebaseAuthProvider(new FirebaseConfig(firebaseApiKey));
            var auth = authProvider.SignInWithEmailAndPasswordAsync(emailAddress, password).Result;
            var callCredentials = CallCredentials.FromInterceptor(async (context, metadata) =>
            {
                if (auth.IsExpired()) auth = await auth.GetFreshAuthAsync();
                if (string.IsNullOrEmpty(auth.FirebaseToken)) return;

                metadata.Clear();
                metadata.Add("authorization", $"Bearer {auth.FirebaseToken}");
            });
            var credentials = ChannelCredentials.Create(new SslCredentials(), callCredentials);

            // Create a custom Firestore Client using custom credentials
            var grpcChannel = new Channel("firestore.googleapis.com", credentials);
            var grcpClient = new Firestore.FirestoreClient(grpcChannel);
            var firestoreClient = new FirestoreClientImpl(grcpClient, FirestoreSettings.GetDefault());

            return FirestoreDb.Create(firebaseProjectId, null, firestoreClient);
        }

The code above is just a sample. It needs additional work, especially when it comes to handling eventual exceptions that authProvider.SignInWithEmailAndPasswordAsync may throw (invalid email/password, connection issues, etc).

Optionally, you can authenticate to Firebase using Firebase REST API.

@BidyaSagarJena: I don’t think that’s related to this topic at all. I’ve seen the issue you reported in the dotnet-docs-samples repo, and I’ll investigate that, but please don’t add comments to unrelated issues.