firebase · DellaBitta · Jan 29, 2024 · Jan 29, 2024 · Jan 29, 2024
diff --git a/common/api-review/app.api.md b/common/api-review/app.api.md
@@ -73,18 +73,14 @@ export interface FirebaseOptions {
 
 // @public
 export interface FirebaseServerApp extends FirebaseApp {
-    appCheckTokenVerified: () => Promise<void>;
     authIdTokenVerified: () => Promise<void>;
-    installationTokenVerified: () => Promise<void>;
     name: string;
     readonly settings: FirebaseServerAppSettings;
 }
 
 // @public
 export interface FirebaseServerAppSettings extends FirebaseAppSettings {
-    appCheckToken?: string;
     authIdToken?: string;
-    installationsAuthToken?: string;
     name?: undefined;
     releaseOnDeref?: object;
 }

diff --git a/docs-devsite/app.firebaseserverapp.md b/docs-devsite/app.firebaseserverapp.md
@@ -12,7 +12,7 @@ https://github.com/firebase/firebase-js-sdk
 # FirebaseServerApp interface
 A [FirebaseServerApp](./app.firebaseserverapp.md#firebaseserverapp_interface) holds the initialization information for a collection of services running in server enviornments.
 
-Do not call this constructor directly. Instead, use  to create an app.
+Do not call this constructor directly. Instead, use [initializeServerApp()](./app.md#initializeserverapp_30ab697) to create an app.
 
 <b>Signature:</b>
 
@@ -25,31 +25,15 @@ export interface FirebaseServerApp extends FirebaseApp
 
 |  Property | Type | Description |
 |  --- | --- | --- |
-|  [appCheckTokenVerified](./app.firebaseserverapp.md#firebaseserverappappchecktokenverified) | () =&gt; Promise&lt;void&gt; | Checks to see if the verification of the appCheckToken provided to  has completed. If the optional appCheckToken parameter was omitted then the returned Promise is completed immediately.<!-- -->It is recommend that your application awaits this promise before initializing any Firebase products that use AppCheck. The Firebase SDKs will not use App Check tokens that are determined to be invalid or those that have not yet completed validation.<!-- -->The returned Promise is completed immediately if the optional appCheckToken parameter was omitted from FirebaseServerApp initialization. |
-|  [authIdTokenVerified](./app.firebaseserverapp.md#firebaseserverappauthidtokenverified) | () =&gt; Promise&lt;void&gt; | Checks to see if the verification of the authIdToken provided to  has completed.<!-- -->It is recommend that your application awaits this promise if an authIdToken was provided during FirebaseServerApp initialization before invoking getAuth(). If an instance of Auth is created before the Auth ID Token is validated, then the token will not be used by that instance of the Auth SDK.<!-- -->The returned Promise is completed immediately if the optional authIdToken parameter was omitted from FirebaseServerApp initialization. |
-|  [installationTokenVerified](./app.firebaseserverapp.md#firebaseserverappinstallationtokenverified) | () =&gt; Promise&lt;void&gt; | Checks to see if the verification of the installationToken provided to  has completed.<!-- -->It is recommend that your application awaits this promise before initializing any Firebase products that use Firebase Installations. The Firebase SDKs will not use Installation Auth tokens that are determined to be invalid or those that have not yet completed validation.<!-- -->The returned Promise is completed immediately if the optional appCheckToken parameter was omitted from FirebaseServerApp initialization. |
-|  [name](./app.firebaseserverapp.md#firebaseserverappname) | string | There is no get for FirebaseServerApp, so the name is not relevant. However, it's declared here so that FirebaseServerApp conforms to the FirebaseApp interface declaration. Internally this string will always be empty for FirebaseServerApp instances. |
+|  [authIdTokenVerified](./app.firebaseserverapp.md#firebaseserverappauthidtokenverified) | () =&gt; Promise&lt;void&gt; | Checks to see if the local verification of the authIdToken provided to [initializeServerApp()](./app.md#initializeserverapp_30ab697) has completed.<!-- -->It is recommend that your application awaits this promise before invoking getAuth() if an authIdToken was provided in the FirebaseServerAppSettings.<!-- -->The returned Promise is completed immediately if the optional authIdToken parameter was omitted from FirebaseServerApp initialization. |
+|  [name](./app.firebaseserverapp.md#firebaseserverappname) | string | There is no getApp operation for FirebaseServerApps, so the name is not relevant for applications. However, it may be used internally, and is declared here so that FirebaseServerApp conforms to the FirebaseApp interface declaration. |
 |  [settings](./app.firebaseserverapp.md#firebaseserverappsettings) | [FirebaseServerAppSettings](./app.firebaseserverappsettings.md#firebaseserverappsettings_interface) | The (read-only) configuration settings for this server app. These are the original parameters given in [initializeServerApp()](./app.md#initializeserverapp_30ab697)<!-- -->. |
 
-## FirebaseServerApp.appCheckTokenVerified
-
-Checks to see if the verification of the appCheckToken provided to  has completed. If the optional appCheckToken parameter was omitted then the returned Promise is completed immediately.
-
-It is recommend that your application awaits this promise before initializing any Firebase products that use AppCheck. The Firebase SDKs will not use App Check tokens that are determined to be invalid or those that have not yet completed validation.
-
-The returned Promise is completed immediately if the optional appCheckToken parameter was omitted from FirebaseServerApp initialization.
-
-<b>Signature:</b>
-
-```typescript
-appCheckTokenVerified: () => Promise<void>;
-```
-
 ## FirebaseServerApp.authIdTokenVerified
 
-Checks to see if the verification of the authIdToken provided to  has completed.
+Checks to see if the local verification of the authIdToken provided to [initializeServerApp()](./app.md#initializeserverapp_30ab697) has completed.
 
-It is recommend that your application awaits this promise if an authIdToken was provided during FirebaseServerApp initialization before invoking getAuth(). If an instance of Auth is created before the Auth ID Token is validated, then the token will not be used by that instance of the Auth SDK.
+It is recommend that your application awaits this promise before invoking getAuth() if an authIdToken was provided in the FirebaseServerAppSettings.
 
 The returned Promise is completed immediately if the optional authIdToken parameter was omitted from FirebaseServerApp initialization.
 
@@ -59,23 +43,9 @@ The returned Promise is completed immediately if the optional authIdToken parame
 authIdTokenVerified: () => Promise<void>;
 ```
 
-## FirebaseServerApp.installationTokenVerified
-
-Checks to see if the verification of the installationToken provided to  has completed.
-
-It is recommend that your application awaits this promise before initializing any Firebase products that use Firebase Installations. The Firebase SDKs will not use Installation Auth tokens that are determined to be invalid or those that have not yet completed validation.
-
-The returned Promise is completed immediately if the optional appCheckToken parameter was omitted from FirebaseServerApp initialization.
-
-<b>Signature:</b>
-
-```typescript
-installationTokenVerified: () => Promise<void>;
-```
-
 ## FirebaseServerApp.name
 
-There is no get for FirebaseServerApp, so the name is not relevant. However, it's declared here so that FirebaseServerApp conforms to the FirebaseApp interface declaration. Internally this string will always be empty for FirebaseServerApp instances.
+There is no getApp operation for FirebaseServerApps, so the name is not relevant for applications. However, it may be used internally, and is declared here so that FirebaseServerApp conforms to the FirebaseApp interface declaration.
 
 <b>Signature:</b>
 

diff --git a/docs-devsite/app.firebaseserverappsettings.md b/docs-devsite/app.firebaseserverappsettings.md
@@ -23,58 +23,26 @@ export interface FirebaseServerAppSettings extends FirebaseAppSettings
 
 |  Property | Type | Description |
 |  --- | --- | --- |
-|  [appCheckToken](./app.firebaseserverappsettings.md#firebaseserverappsettingsappchecktoken) | string | An optional AppCheck token.<!-- -->If provided, the FirebaseServerApp instance will work to validate the token. The result of the validation can be monitored by invoking the FirebaseServerApp.appCheckTokenVerified(). Awaiting the Promise returned by appCheckTokenVerified is highly recommended if an AppCheck token is provided.<!-- -->If the token has been properly verified then the AppCheck token will be automatically used by Firebase SDKs that support App Check.<!-- -->If the token fails verification then a warning is logged and the token will not be used. |
-|  [authIdToken](./app.firebaseserverappsettings.md#firebaseserverappsettingsauthidtoken) | string | An optional Auth ID token used to resume a signed in user session from a client runtime environment.<!-- -->If provided, the FirebaseServerApp instance will work to validate the token. The result of the validation can be queried via by the application by invoking the FirebaseServerApp.authIdTokenVerified(). Awaiting the Promise returned by authIdTokenVerified is highly recommended if an Auth ID token is provided.<!-- -->Once the token has been properly verified then invoking getAuth() will attempt to automatically sign in a user with the provided Auth ID Token.<!-- -->If the token fails verification then a warning is logged and Auth SDK will not attempt to sign in a user upon its initalization. |
-|  [installationsAuthToken](./app.firebaseserverappsettings.md#firebaseserverappsettingsinstallationsauthtoken) | string | An optional Installation Auth token.<!-- -->If provided, the FirebaseServerApp instance will work to validate the token. The result of the validation can be monitored by invoking the FirebaseServerApp.installationTokenVerified(). Awaiting the Promise returned by appCheckTokenVerified is highly recommended before initalization any other Firebase SDKs.<!-- -->If the token has been properly verified then the Installation Auth token will be automatically used by Firebase SDKs that support Firebase Installations.<!-- -->If the token fails verification then a warning is logged and the token will not be used. |
+|  [authIdToken](./app.firebaseserverappsettings.md#firebaseserverappsettingsauthidtoken) | string | An optional Auth ID token used to resume a signed in user session from a client runtime environment.<!-- -->If provided, the FirebaseServerApp instance will work to validate the token even before Auth is initialized. The result of the validation can be queried via by the application by invoking . Awaiting the Promise returned by  is highly recommended if an authIdToken token is provided.<!-- -->Invoking getAuth() with a FirebaseServerApp configured with a validated authIdToken will cause an automatic attempt to sign in the user that the authIdToken represents. The token needs to have been recently minted for this operation to succeed, otherwise it will fail validation.<!-- -->If the token fails local verification, or if the Auth service has deemed it invalid when the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not sign in a user upon initalization.<!-- -->If a user is successfully signed-in, then the Auth instance's onAuthStateChanged callback will be invoked with the User as per standard Auth flows. However, users created via authIdTokens do not have a refresh token and any attempted refresh operation will fail. |
 |  [name](./app.firebaseserverappsettings.md#firebaseserverappsettingsname) | undefined | There is no get for FirebaseServerApps, so the name is not relevant. however it's always a blank string so that FirebaseServerApp conforms to the FirebaseApp interface declaration. |
-|  [releaseOnDeref](./app.firebaseserverappsettings.md#firebaseserverappsettingsreleaseonderef) | object | An optional object. If provided, the Firebase SDK will use a FinalizationRegistry object to monitor the Garbage Collection status of the provided object, and the Firebase SDK will release its refrence on the FirebaseServerApp instance when the provided object is collected. or.<!-- -->The intent of this field is to help reduce memory overhead for long-running cloud functions executing SSR fulfillment without the customer's app needing to orchestrate FirebaseServerApp cleanup. Additionally, prexisting FirebaseServerApp instances may reused if they're identical to a previously generated one that has yet to be deleted.<!-- -->If the object is not provided then the application must clean up the FirebaseServerApp instance through the applicationss own standard mechanisms by invoking deleteApp.<!-- -->If the app provides an object in this parameter, but the application is executed in a JavaScript engine that predates the support of FinalizationRegistry (introduced in node v14.6.0, for instance), then the Firebase SDK will not be able to automatically clean up the FirebaseServerApp instance and an error will be thrown. |
-
-## FirebaseServerAppSettings.appCheckToken
-
-An optional AppCheck token.
-
-If provided, the FirebaseServerApp instance will work to validate the token. The result of the validation can be monitored by invoking the FirebaseServerApp.appCheckTokenVerified(). Awaiting the Promise returned by appCheckTokenVerified is highly recommended if an AppCheck token is provided.
-
-If the token has been properly verified then the AppCheck token will be automatically used by Firebase SDKs that support App Check.
-
-If the token fails verification then a warning is logged and the token will not be used.
-
-<b>Signature:</b>
-
-```typescript
-appCheckToken?: string;
-```
+|  [releaseOnDeref](./app.firebaseserverappsettings.md#firebaseserverappsettingsreleaseonderef) | object | An optional object. If provided, the Firebase SDK will use a FinalizationRegistry object to monitor the Garbage Collection status of the provided object, and the Firebase SDK will release its refrence on the FirebaseServerApp instance when the provided object is garbage collected.<!-- -->The intent of this field is to help reduce memory overhead for long-running cloud functions. If provided, the customer's app running in a SSR pass need not worry about FirebaseServerApp cleanup, so long as the reference object is deleted (by falling out of SSR scope, for instance.)<!-- -->If an object is not provided then the application must clean up the FirebaseServerApp instance by invoking deleteApp.<!-- -->If the application provides an object in this parameter, but the application is executed in a JavaScript engine that predates the support of FinalizationRegistry (introduced in node v14.6.0, for instance), then the Firebase SDK will not be able to automatically clean up the FirebaseServerApp instance and an error will be thrown. |
 
 ## FirebaseServerAppSettings.authIdToken
 
 An optional Auth ID token used to resume a signed in user session from a client runtime environment.
 
-If provided, the FirebaseServerApp instance will work to validate the token. The result of the validation can be queried via by the application by invoking the FirebaseServerApp.authIdTokenVerified(). Awaiting the Promise returned by authIdTokenVerified is highly recommended if an Auth ID token is provided.
+If provided, the FirebaseServerApp instance will work to validate the token even before Auth is initialized. The result of the validation can be queried via by the application by invoking . Awaiting the Promise returned by  is highly recommended if an authIdToken token is provided.
 
-Once the token has been properly verified then invoking getAuth() will attempt to automatically sign in a user with the provided Auth ID Token.
+Invoking getAuth() with a FirebaseServerApp configured with a validated authIdToken will cause an automatic attempt to sign in the user that the authIdToken represents. The token needs to have been recently minted for this operation to succeed, otherwise it will fail validation.
 
-If the token fails verification then a warning is logged and Auth SDK will not attempt to sign in a user upon its initalization.
+If the token fails local verification, or if the Auth service has deemed it invalid when the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not sign in a user upon initalization.
 
-<b>Signature:</b>
-
-```typescript
-authIdToken?: string;
-```
-
-## FirebaseServerAppSettings.installationsAuthToken
-
-An optional Installation Auth token.
-
-If provided, the FirebaseServerApp instance will work to validate the token. The result of the validation can be monitored by invoking the FirebaseServerApp.installationTokenVerified(). Awaiting the Promise returned by appCheckTokenVerified is highly recommended before initalization any other Firebase SDKs.
-
-If the token has been properly verified then the Installation Auth token will be automatically used by Firebase SDKs that support Firebase Installations.
-
-If the token fails verification then a warning is logged and the token will not be used.
+If a user is successfully signed-in, then the Auth instance's onAuthStateChanged callback will be invoked with the User as per standard Auth flows. However, users created via authIdTokens do not have a refresh token and any attempted refresh operation will fail.
 
 <b>Signature:</b>
 
 ```typescript
-installationsAuthToken?: string;
+authIdToken?: string;
 ```
 
 ## FirebaseServerAppSettings.name
@@ -89,13 +57,13 @@ name?: undefined;
 
 ## FirebaseServerAppSettings.releaseOnDeref
 
-An optional object. If provided, the Firebase SDK will use a FinalizationRegistry object to monitor the Garbage Collection status of the provided object, and the Firebase SDK will release its refrence on the FirebaseServerApp instance when the provided object is collected. or.
+An optional object. If provided, the Firebase SDK will use a FinalizationRegistry object to monitor the Garbage Collection status of the provided object, and the Firebase SDK will release its refrence on the FirebaseServerApp instance when the provided object is garbage collected.
 
-The intent of this field is to help reduce memory overhead for long-running cloud functions executing SSR fulfillment without the customer's app needing to orchestrate FirebaseServerApp cleanup. Additionally, prexisting FirebaseServerApp instances may reused if they're identical to a previously generated one that has yet to be deleted.
+The intent of this field is to help reduce memory overhead for long-running cloud functions. If provided, the customer's app running in a SSR pass need not worry about FirebaseServerApp cleanup, so long as the reference object is deleted (by falling out of SSR scope, for instance.)
 
-If the object is not provided then the application must clean up the FirebaseServerApp instance through the applicationss own standard mechanisms by invoking deleteApp.
+If an object is not provided then the application must clean up the FirebaseServerApp instance by invoking deleteApp.
 
-If the app provides an object in this parameter, but the application is executed in a JavaScript engine that predates the support of FinalizationRegistry (introduced in node v14.6.0, for instance), then the Firebase SDK will not be able to automatically clean up the FirebaseServerApp instance and an error will be thrown.
+If the application provides an object in this parameter, but the application is executed in a JavaScript engine that predates the support of FinalizationRegistry (introduced in node v14.6.0, for instance), then the Firebase SDK will not be able to automatically clean up the FirebaseServerApp instance and an error will be thrown.
 
 <b>Signature:</b>