# How to Fix Network Request Failed in Firebase Auth

- Tool: Firebase
- Difficulty: Beginner
- Time required: 10-15 min
- Compatibility: Firebase (Spark and Blaze plans), firebase v9+ modular SDK, React Native, Android, iOS
- Last updated: March 2026

## TL;DR

The 'network request failed' error in Firebase Auth occurs when the app cannot reach Firebase's authentication servers. Common causes include CORS misconfigurations, overly restrictive API key settings, firewall or proxy blocks, missing internet permissions on mobile platforms, and emulator connectivity issues. This guide walks through each cause with specific diagnostic steps and fixes to restore authentication connectivity.

## Resolving 'Network Request Failed' Errors in Firebase Authentication

When Firebase Auth cannot reach Google's identity servers, it throws a 'network request failed' error. This tutorial systematically diagnoses and fixes every common cause, from browser CORS issues and corporate firewalls to missing Android manifest permissions and emulator configuration problems. Each cause includes the specific symptoms to look for and the targeted fix.

## Before you start

- A Firebase project with Authentication configured
- The firebase npm package installed (v9 or later)
- Access to browser developer tools or mobile debugging tools
- An active internet connection (for ruling out connectivity issues)

## Step-by-step guide

### 1. Check basic internet connectivity

Before diving into Firebase-specific debugging, confirm your device can reach Google's servers. Open a browser tab and navigate to https://identitytoolkit.googleapis.com. If this URL is unreachable, the issue is network-level (firewall, proxy, VPN, or no internet). On mobile, toggle airplane mode off and verify cellular or Wi-Fi is connected.

```
// Quick connectivity test in browser console:
fetch('https://identitytoolkit.googleapis.com')
  .then(res => console.log('Reachable, status:', res.status))
  .catch(err => console.error('Unreachable:', err.message))

// Expected: status 404 (endpoint exists but needs params)
// If error: network is blocking the request
```

**Expected result:** The fetch succeeds with a 404 status code, confirming the server is reachable.

### 2. Fix API key restrictions blocking auth requests

If you restricted your Firebase API key in the Google Cloud Console, it may block auth-related APIs. Go to Google Cloud Console > APIs & Services > Credentials, find your API key, and check the restrictions. Firebase Auth requires the Identity Toolkit API and Token Service API. If you set HTTP referrer restrictions, ensure your app's domain (including localhost for development) is listed.

```
// Symptoms:
// - auth/network-request-failed on signIn or signUp
// - Browser Network tab shows 403 on identitytoolkit.googleapis.com
// - Works in one environment but not another

// Fix in Google Cloud Console:
// 1. APIs & Services > Credentials > Click your API key
// 2. Under 'API restrictions':
//    - 'Don't restrict key' (safest for web)
//    - OR allow: Identity Toolkit API, Token Service API
// 3. Under 'Application restrictions' > HTTP referrers:
//    - Add: localhost, localhost:*, your-domain.com/*
```

**Expected result:** Auth requests to identitytoolkit.googleapis.com return 200 instead of 403.

### 3. Fix CORS issues for web applications

CORS errors prevent the browser from reaching Firebase's servers. This usually happens when a proxy server, browser extension, or service worker intercepts and modifies requests. Check the browser Network tab for CORS-related errors on requests to googleapis.com. Remove or configure any proxy middleware that might intercept auth requests.

```
// Symptoms:
// - Console shows 'CORS policy' error alongside network request failed
// - Network tab shows preflight OPTIONS request failing

// Common causes:
// 1. A development proxy intercepting Firebase requests
// 2. A service worker caching or blocking auth endpoints
// 3. A browser extension (ad blocker, privacy tool) blocking Google domains

// Fix for Vite proxy (vite.config.ts):
// Do NOT proxy Firebase domains. Only proxy your own API:
export default defineConfig({
  server: {
    proxy: {
      '/api': 'http://localhost:3001',
      // Do NOT add entries for googleapis.com
    }
  }
})
```

**Expected result:** Auth requests reach Firebase servers directly without CORS or proxy interference.

### 4. Fix Android internet permission issues

On Android, the app needs the INTERNET permission to make network requests. React Native and native Android apps must declare this in AndroidManifest.xml. Additionally, starting with Android 9, cleartext HTTP traffic is blocked by default. Firebase uses HTTPS so this should not be an issue, but custom proxy configurations might route through HTTP.

```
<!-- android/app/src/main/AndroidManifest.xml -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <!-- Add these permissions -->
  <uses-permission android:name="android.permission.INTERNET" />
  <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />

  <application
    android:usesCleartextTraffic="false"
    ...>
  </application>
</manifest>
```

**Expected result:** The Android app can reach Firebase's servers and authentication works.

### 5. Fix Firebase Emulator connectivity issues

When using the Firebase Auth Emulator, the 'network request failed' error often means your app is trying to reach the production auth server instead of the emulator, or the emulator is not running. Call connectAuthEmulator() before any auth operations. Make sure the emulator is running on the expected port (default 9099) and the host is reachable from your app.

```
import { getAuth, connectAuthEmulator } from 'firebase/auth'

const auth = getAuth()

// Connect to the emulator in development only
if (process.env.NODE_ENV === 'development') {
  connectAuthEmulator(auth, 'http://127.0.0.1:9099', {
    disableWarnings: true,
  })
}

// For React Native or mobile, use your machine's IP:
// connectAuthEmulator(auth, 'http://192.168.1.100:9099')
```

**Expected result:** Auth operations connect to the local emulator instead of production Firebase servers.

### 6. Handle transient network failures gracefully

Even with correct configuration, network requests can fail due to temporary connectivity issues, server-side problems, or mobile network transitions. Implement retry logic for auth operations and show meaningful error messages to users instead of raw Firebase errors.

```
import { signInWithEmailAndPassword, AuthError } from 'firebase/auth'

async function signInWithRetry(
  auth: any,
  email: string,
  password: string,
  maxRetries = 2
) {
  for (let attempt = 0; attempt <= maxRetries; attempt++) {
    try {
      return await signInWithEmailAndPassword(auth, email, password)
    } catch (error) {
      const authError = error as AuthError
      if (
        authError.code === 'auth/network-request-failed' &&
        attempt < maxRetries
      ) {
        // Wait before retrying (exponential backoff)
        await new Promise(r => setTimeout(r, 1000 * (attempt + 1)))
        continue
      }
      throw error
    }
  }
}
```

**Expected result:** Transient network failures are retried automatically and persistent failures show a clear message.

## Complete code example

File: `network-safe-auth.ts`

```typescript
import {
  getAuth,
  connectAuthEmulator,
  signInWithEmailAndPassword,
  createUserWithEmailAndPassword,
  AuthError,
  User,
} from 'firebase/auth'

const auth = getAuth()

// Connect to emulator in development
if (process.env.NODE_ENV === 'development') {
  connectAuthEmulator(auth, 'http://127.0.0.1:9099', {
    disableWarnings: true,
  })
}

interface AuthResult {
  user?: User
  error?: string
}

async function withNetworkRetry<T>(
  operation: () => Promise<T>,
  maxRetries = 2
): Promise<T> {
  for (let attempt = 0; attempt <= maxRetries; attempt++) {
    try {
      return await operation()
    } catch (error) {
      const authError = error as AuthError
      const isNetworkError =
        authError.code === 'auth/network-request-failed'
      if (isNetworkError && attempt < maxRetries) {
        await new Promise((r) => setTimeout(r, 1000 * (attempt + 1)))
        continue
      }
      throw error
    }
  }
  throw new Error('Max retries exceeded')
}

export async function safeSignIn(
  email: string,
  password: string
): Promise<AuthResult> {
  try {
    const { user } = await withNetworkRetry(() =>
      signInWithEmailAndPassword(auth, email, password)
    )
    return { user }
  } catch (error) {
    const authError = error as AuthError
    if (authError.code === 'auth/network-request-failed') {
      return { error: 'Unable to connect. Check your internet connection.' }
    }
    return { error: authError.message }
  }
}

export async function safeSignUp(
  email: string,
  password: string
): Promise<AuthResult> {
  try {
    const { user } = await withNetworkRetry(() =>
      createUserWithEmailAndPassword(auth, email, password)
    )
    return { user }
  } catch (error) {
    const authError = error as AuthError
    if (authError.code === 'auth/network-request-failed') {
      return { error: 'Unable to connect. Check your internet connection.' }
    }
    return { error: authError.message }
  }
}
```

## Common mistakes

- **Restricting the Firebase API key to specific APIs and accidentally blocking Identity Toolkit** — undefined Fix: In Google Cloud Console, ensure your API key allows the Identity Toolkit API and Token Service API. The safest option for web is no API restrictions with HTTP referrer restrictions only.
- **Using localhost in connectAuthEmulator on systems with IPv6, causing connection failures** — undefined Fix: Use http://127.0.0.1:9099 instead of http://localhost:9099. IPv6 resolution of localhost can cause connection issues on some operating systems.
- **Forgetting to add INTERNET permission in Android manifest for React Native apps** — undefined Fix: Add <uses-permission android:name='android.permission.INTERNET' /> to AndroidManifest.xml. This permission is required for any network requests.
- **A browser extension blocking requests to Google domains** — undefined Fix: Test in an incognito window with extensions disabled. If auth works there, identify and configure the blocking extension (common culprits: ad blockers, privacy tools).

## Best practices

- Test auth operations in an incognito window to isolate browser extension issues
- Use 127.0.0.1 instead of localhost for emulator connections to avoid IPv6 problems
- Implement retry logic with exponential backoff for transient network failures
- Show user-friendly error messages instead of raw Firebase error codes
- Check the browser Network tab for failed requests to googleapis.com as the first debugging step
- Do not over-restrict your Firebase API key in Google Cloud Console
- Use connectAuthEmulator only in development, gated behind an environment check

## Frequently asked questions

### What exactly causes the 'auth/network-request-failed' error?

This error fires when the Firebase SDK cannot complete an HTTP request to Google's authentication servers (identitytoolkit.googleapis.com). Causes include no internet, firewall blocks, CORS interference, API key restrictions, or browser extensions blocking Google domains.

### Why does auth work on desktop but fail on mobile?

Mobile-specific causes include missing INTERNET permission on Android, cellular networks blocking certain domains, or the app trying to reach an emulator on localhost (which does not resolve to the development machine on a physical device).

### How do I test if my API key is blocking auth?

Open the browser Network tab, attempt to sign in, and look for requests to identitytoolkit.googleapis.com. If they return 403, your API key restrictions are blocking the Identity Toolkit API.

### Can a VPN cause this error?

Yes, some VPNs block or throttle requests to Google services. Try disconnecting the VPN to test. If auth works without VPN, configure the VPN to allow googleapis.com domains.

### Does Firebase Auth work offline?

Firebase Auth caches the current user session locally, so a previously signed-in user remains authenticated offline. However, new sign-in and sign-up operations always require an internet connection and will throw network-request-failed when offline.

### Can RapidDev help resolve persistent Firebase Auth connectivity issues?

Yes, RapidDev's engineering team can diagnose complex networking issues including corporate firewall configurations, API key setup, and mobile-specific auth connectivity problems.

---

Source: https://www.rapidevelopers.com/firebase-tutorial/how-to-fix-network-request-failed-in-firebase-auth
© RapidDev — https://www.rapidevelopers.com/firebase-tutorial/how-to-fix-network-request-failed-in-firebase-auth
