gcloud functions deploy require authentication by default.
If a cloud function require authentication, it require an authenticated user credential (of Cloud Identity and Access Management / IAM / Service Accounts) which normal utilize
Authorization HTTP headers with
Bearer prefix to send it Id Token. Such example would be Secure Cloud Functions for Cloud Scheduler.
You could allow unauthenticated function invocation.
Google Cloud Console ->Functions
- Click checkbox of a specific functions, where Right Info Panel is shown
Permissiontab and click
Cloud Functions -> Cloud Functions Invokerfor
Select a role.
NOTE: You can use
gcloud functions deploy FUNCTION_NAME --runtime python37 --trigger-http --allow-unauthenticated to enable unauthenticated function invocation, thus avoiding the complicated steps above.
allAuthenticatedUsersdoesn’t refer to Firebase Authentication users. It’s a Google Cloud Platform concept that stands for all service accounts. - Source
You cannot depend on this feature to secure cloud functions with Firebase Authentication, as it only works with
Cloud Identity and Access Management / IAM / Service Accounts.
Refer to Secure Cloud Functions With Firebase Authentication (Python). Things are easier if you are using Node.js.