ReTool doesn't connect to firestore

App Building
1

I just wanted to verify that retool does not currently connect with firestore?
I have been trying for days now, and it does not work. I have connected many other things before, from other services, and create many GCP service accounts but it does not work at all.

Everytime I paste in my service account JSON and connect it says:

Test connection failed (0.843s):Missing or insufficient permissions.

  1. :arrow_forward:{query: "getCollectionsFirestore", error: Object}
  2. query: "getCollectionsFirestore"
  3. :arrow_forward:error: Object
    1. message: "Missing or insufficient permissions."

I have made it so the firebase rules will not restrict anything.
I have added the firewall rules.
I have added all the service account IAM roles, including owner to bypass anything. They include:

"Cloud Datastore Owner, Editor, Firebase Authentication Admin, Firebase Rules Firestore Service Agent, Firebase Rules Viewer, Firestore Service Agent, Owner"

I have even tested the service account JSON locally and it works fine. This seems to be a retool limitation. I am at a loss here and really wanted to use retool, but I guess that is just not possible now unfortunately. Are there plans to connect to firestore in the future?

2

Just to update on this... I used the exact same service account key in jetadmin.io and it worked instantly with no issues at all. This is definitely a retool issue, and it is very disappointing since I wasted so much time on this (many hours over multiple days). Horrible documentation, no support, poor product. I do like the template better, that is why I wanted to use retool, but unless I am the "tool" here and not retool, and I missed something simple, I probably won't be back. Sad because retool is what I did want to use.

3

Hi @steve0k, welcome to the forum! :wave:

We haven't found any issues with our Firebase API connector. I'm able to query my own Firestore database right now:

Screenshot 2024-12-16 at 2.31.58 PM
Screenshot 2024-12-16 at 2.31.58 PM1046×1392 85.1 KB

However, on your end, you have highly permissive access configuration. In order to find the root cause of this issue, please expand on the following:

  • How is that you are connected to Firebase?
  • Did you use Retool's built-in API connector?
  • How is this connection similar/different from the one you set up on jetadmin (screenshots would be great)?
4

One more thing, please add all the I AM Roles you set up.

For context, when Retool connects to Firebase, it connects to the following service types by default:

Screenshot 2024-12-16 at 2.56.55 PM
Screenshot 2024-12-16 at 2.56.55 PM1010×570 23.3 KB

Maybe we are missing roles for one of more.

6

I use the exact same service account key, which works instantly in jetadmin.
Maybe I am using some outdated version of retool? I don't see what you see when I try and connect, there is no dropdown for Firestore. I leave the realtime database blank since I don't use that. (I left the service key blank but I usually paste it in there obviously).

Screenshot 2024-12-16 200354
Screenshot 2024-12-16 200354721×763 51.8 KB

These are my service account roles, it lets me read and write in jetadmin:

Screenshot 2024-12-16 195552
Screenshot 2024-12-16 195552699×232 12.2 KB

7

Are you on Cloud or Self-hosted Retool? If Self-hosted, what version?

What I shared shows up when creating a new query once the connection is successful. Because Retool supports those three service types, I suspect it requires roles for all of them.

Let's make sure we include all of the following scopes:
Firestore API: roles/datastore.user, roles/firestore.serviceAgent
Realtime Database: roles/firebase.databaseAdmin, roles/firebase.admin
Firebase Auth: roles/firebaseauth.admin

8

(post deleted by author)