Getting Started

Installation Steps

Ready to supercharge your Firebase project with Dogen? The Dogen Application Platform extension installs in about 5 minutes. Here's your step-by-step guide to getting everything up and running. Keep in mind a lot of this is just walking you through setting up a basic Firebase project. You may not need to do most of these steps if you already have a project set up.

Before You Begin

Before proceeding, please review our Terms of Service and Privacy Policy.

1. Set Up Your Firebase Project

Need a new Firebase project? No problem! Head over to the Firebase Console and:

  • Click "Create a Project" and follow the setup wizard
  • If you already have a project, you can skip this step

2. Enable the Blaze Plan

Firebase Extensions require the Blaze (pay-as-you-go) plan. Don't worry - you'll still get all the generous free tier benefits, and you can set budget alerts to control costs.

  • In the Firebase Console, look for the Upgrade button in the left sidebar
  • Follow the prompts to activate the Blaze plan

3. Configure Authentication

Let's set up user authentication if you haven't already done so:

  • Go to Authentication → Sign-in method
  • Enable Email/Password authentication
  • Create an account for yourself if you haven't done so already. You'll need this user's email address later during extension installation to designate this user as an admin.
Under Authentication Settings, be sure you keep the "Link accounts that use the same email" option enabled.

4. Add Dogen Security Rules for Firestore

Dogen relies on RBAC (Role Based Access Control) to manage user permissions. To get started you simply designate one of your existing users as a Dogen admin, and they will gain a specific token claim which you can then check for in your Firestore rules. Keep in mind only the users to whom you grant Dogen roles will actually have access to log into Dogen.

  • If you don't have Firestore enabled, navigate to Build → Firestore Database in the Firebase Console
  • Create a new database using Production mode
  • Integrate these security rules to enable Dogen access: 
    							
rules_version = '2';
service cloud.firestore {
  function isDogenAuthenticated() {
    return request.auth != null && ('dogenRoles' in request.auth.token);
  }

  function isDogenAuthorized(role) {
    return isDogenAuthenticated() &&
           ('admin' in request.auth.token.dogenRoles || role in request.auth.token.dogenRoles);
  }

  match /databases/{database}/documents {
    // Allow global access for admins
    match /{document=**} {
      allow read, write: if isDogenAuthorized('admin');
    }
  }
}

    These default security rules grant admin users full read and write access. However, the rules are fully customizable to match your specific needs. The key requirement is that admin users have read/write access to all Dogen internal configuration collections and any collections you plan to manage through Dogen. Remember, Dogen is just a web client, its these security rules that provide access.

    View Advanced Rules Example 
    								
rules_version = '2';
service cloud.firestore {
  function isDogenAuthenticated() {
	return request.auth != null && ('dogenRoles' in request.auth.token);
  }

  function isDogenAuthorized(role) {
	return isDogenAuthenticated() &&
		   ('admin' in request.auth.token.dogenRoles || role in request.auth.token.dogenRoles);
  }
  
  function isDogenUser(userId) {
	return isDogenAuthenticated() && request.auth.uid == userId;
  }

  match /databases/{database}/documents {
	// Allow global access for admins
	match /{document=**} {
	  allow read, write: if isDogenAuthorized('admin');
	}
	
	// Allow all authenticated users to read blueprint collections
	match /{collection}/{document=**} {
	  allow read: if isDogenAuthenticated() && collection.matches('dogen_blueprint_.*');
	}

	// Allow all authenticated users to read ALL config parameter settings
	match /dogen_application_config_parameter_settings/{document=**} {
	  allow read: if isDogenAuthenticated();
	}
	
	// Allow all authenticated users to read generations
	match /dogen_application_generations/{documentId} {
	  allow read: if isDogenAuthenticated();

	  // Block access to generation subcollections
	  match /{document=**} {
		allow read: if false;
	  }
	}

	match /dogen_application_accounts/{userId} {
	  // Allow users to read their own account document, but not write to it.
	  // We disallow write access to this collection to prevent users from modifying their own roles.
	  allow read: if isDogenUser(userId);

	  // Do allow users to write to their own data subcollection to store general usage data like recently modified items.
	  match /data/{document=**} {
		allow read, write: if isDogenUser(userId);
	  }
	}
  }
}
Only admins should have access to the "dogen_application_accounts" collection documents which controls Dogen roles. Users should not be allowed to modify their own roles.

5. Add Dogen Security Rules for Storage

  • Navigate to Build → Storage
  • Set up your default storage bucket
  • Apply these security rules to enable Dogen storage access: 
    							
rules_version = '2';
service firebase.storage {
    function isDogenAuthenticated() {
        return request.auth != null && ('dogenRoles' in request.auth.token);
    }

    function isDogenAuthorized(role) {
        return isDogenAuthenticated() &&
            ('admin' in request.auth.token.dogenRoles || role in request.auth.token.dogenRoles);
    }

    match /b/{bucket}/o {
        match /{allPaths=**} {
            allow read, write: if isDogenAuthorized('admin');
        }
    }
}

6. Register the Dogen Web App

  • Go to Project Settings → Your apps
  • Click the web icon (</>) to add a new web app
  • Register a new app, call it "Dogen", and save the Firebase config object - you'll need this in the next step
Many users have expressed concern about providing the Firebase api key to Dogen. The Firebase api key is not sensitive in nature and is intended to be public. Its readily available to anyone who uses your web or mobile app. With Firestore your security rules are what protect your data, not the app's API Key. Source 1 Source 2

7. Install Dogen AP

Time to install the Dogen Application Platform extension! Click the button below to start the installation process:

Install Dogen AP

You'll need to provide:

  • Your email address for registration (make sure it's valid - you'll need to confirm it)
  • Invitation code (optional - leave blank since we're in open registration)
  • Dogen API key (if you have one)
  • Preferred Google Cloud location for function deployment
  • Admin user email (must match the account you created in step 4)
  • Firebase config from step 6
  • A random string to use as a webhook key salt

Once you've submit the form, the extension will start installing. You'll know its ready when you see "Processing complete" status message. In some cases you may need to refresh the page if it seems stuck "Processing". Shortly after, you'll receive an email with further instructions.

❗ Errors? This can happen if Google Cloud is too slow to provision extension resources. Click the "View Details" link. At the bottom of the message click the "Retry installation" button. If this doesn't resolve it, let us know on Discord.
💡 Pro tip: Each Firebase project needs its own Dogen installation and API key.

8. Confirm Your Project Via Email

Check your inbox for a verification email from Dogen. Click the confirmation link to activate your project.

9. Access Your Dogen AP

After confirming your project, we'll prepare your own custom Dogen AP web instance. You'll receive an email with your unique access link when your application is ready. Once you receive this email, you can log in using your admin credentials from step 4.

Next Steps

Once you've completed the setup, you can:

Create Your First Blueprint →

Learn how to define your data structure using blueprints.

Generate Your First Client →

Turn your blueprints into a working client.

Need help? Check out our troubleshooting guide or reach out on Discord.