Fire Storage Exception ([firebase_storage/unauthorized] User is not authorized to perform the desired action.) (my rule is allow read/write)

Question

I am trying to get images from firebase firestore, while trying to get image download url there is this exception:

W/StorageUtil(10206): no auth token for request

(similar questions with this error not solve the problem)

Although my security rules allow read and write I getting this error still.

Any ideas what is the problem with this?

Code for getting image url:

  static Future<dynamic> loadImage(BuildContext context, String image) async {
    return await FirebaseStorage.instance.ref().child(image).getDownloadURL();
  }

Calling this loadImage function:

  Future<Widget> getImage(BuildContext context, String imgName) async {
   Image image;
    await FireStorageService.loadImage(context, imgName).then((value) {
    print(value);
    image = Image.network(value.toString(), fit: BoxFit.scaleDown);
    return image;
   });
  }

Calling this getImage function:

child: FutureBuilder(
future: getImage(context, "/images/test1.jpg"),
...
)

My firebase storage rules:

rules_version = '2';
service firebase.storage {
match /images/{imageId} {
  allow read,write;
}
}

Storage Rules ss:

My firebase store currently:

Answer 1

• Navigate to Firebase console

• In Sidebar under Develop open Storage

• Open Rules tab replace the rule on your console with the rule below:

   rules_version = '2'; service firebase.storage { match /b/{bucket}/o { match /{allPaths=**} { allow read, write } } }

And Publish Done

Answer 2

I fixed it by changing the rules.

Go to Firebase project>Storage>Rules.

By default, you are not allowed to upload on Firebase so you have to change that.

• Default rules

rules_version = '2';
service firebase.storage {
  match /b/{bucket}/o {
    match /{allPaths=**} {
      allow read, write: if false;
    }
  }
}

Change allow read, write: if false; to allow read, write;

Answer 3

(2022): Recently, I solved with following the Firestore basic security rules (for authenticated user):

service firebase.storage {
  match /b/{bucket}/o {
    match /{allPaths=**} {
      allow read, write: if request.auth != null;
    }
  }
}

You can see this in their website: https://firebase.google.com/docs/rules/basics?authuser=1#cloud-storage_1

I do not suggest that using allow read, write; directly. If your application has a authentication, then you need to check if auth is null or not.

Answer 4

Go to Project Settings -> App Check -> Products Change the Storage from Enforce -> Unenforced

Answer 5

This works for me by changing the rules in firebase.

rules_version = '2';
service firebase.storage {
  match /b/{bucket}/o {
    match /{allPaths=**} {
      allow read, write
    }
  }
}