How to Blur the Firebase Console During Screen Sharing (Hide Config & User Data)
Presenting from Firebase on a call? Here's how to hide the config and web API key, the project ID, the Authentication users list, Firestore documents, service account keys and Cloud Messaging keys before you share your screen.
To hide config and user data in the Firebase console during a screen share, blur the sensitive items in the page before you present — the Firebase config and web API key with your project ID in Project settings, the Authentication users list, and the documents in Firestore or the Realtime Database. BlurFirst paints each blur into the page as real pixels, so it survives Zoom, Google Meet, Microsoft Teams, Loom, OBS and even a screenshot of the shared feed.
The console is a browser-based single-page app that re-renders as you move between Authentication, Firestore and settings, so lean on anchored region blurs for the fixed chrome — the project name and the project switcher in the top bar — and use element blur or Scan for individual values. Start blurring with Ctrl/⌘ ⇧ Y and keep the panic hotkey Ctrl/⌘ ⇧ H ready for the Users table.
What the Firebase console shows that you don't mean to share
- Firebase config and web API key — under Project settings > General, the config snippet with
apiKey,authDomain,projectId,storageBucket,appIdandmessagingSenderId. - Project ID and name — shown in the top bar and project switcher; opening the switcher lists every other project you can reach, naming clients and environments.
- Authentication users — under Authentication > Users, the full list of accounts with email addresses, phone numbers, provider, sign-in dates and user UIDs.
- Firestore and Realtime Database documents — collections and documents holding real user data: names, emails, addresses, order details and tokens.
- Service account keys — under Project settings > Service accounts, the Generate new private key action produces a JSON key granting admin access to your backend.
- Cloud Messaging keys — the Server key and Sender ID under Cloud Messaging, used to send push notifications to your app's users.
- Storage paths — Cloud Storage file names and folders that can encode user IDs or client names.
Blur the Firebase console step by step
- 1
Open the section you'll present
Navigate to Authentication, Firestore or the exact settings page before the call, so you never open Project settings live with the config and web API key on screen.
- 2
Box-blur the project name and switcher
Drag a box over the top-bar project name and the switcher so the name and project ID stay hidden, and don't open the switcher dropdown live. The anchored box keeps covering the bar as the console re-renders.
- 3
Element-blur the config, keys and UIDs
On Project settings > General, click the config snippet to frost the
apiKeyandprojectId; do the same for a Server key under Cloud Messaging and for user UIDs in the Users table. - 4
Run Scan across users and documents
One click runs Scan (Pro), which detects email, phone, credit-card and API-key patterns locally and blurs them — ideal for the Authentication Users list or a Firestore document full of PII. It won't treat a UID, a project ID or a collection name as a pattern, so blur those yourself.
- 5
Avoid downloads and keep panic ready
Don't click Generate new private key on the call; the JSON downloads as a file BlurFirst can't touch once it leaves the browser. If a document or the Users table scrolls PII into frame, press Ctrl/⌘ ⇧ H to blur the whole page instantly.
| Sensitive item | Where it appears | Best gesture |
|---|---|---|
| Config + web API key | Project settings > General | Element-blur the snippet |
| Project ID + name | Top bar, project switcher | Box-blur; don't open switcher live |
| Auth users (emails, UIDs) | Authentication > Users | Scan, or box-blur the table |
| Firestore documents (PII) | Firestore, Realtime Database | Scan, or element blur per field |
| Cloud Messaging server key | Cloud Messaging | Element blur |
Why security rules don't cover what's on screen
Firebase Security Rules decide which client requests can read or write your data; a private project decides who can sign into the console. Neither controls what a person watching your screen sees. On a share the signed-in user is *you*, and the console prints the web API key, the config and every user's email in plain view. A web API key isn't a secret on its own — but paired with permissive rules it maps your whole project, and a service account key is a full admin credential. Rules and access gate the backend; blurring works at the presentation layer, controlling what the viewer sees regardless of your rules.
Reuse your Firebase blurs each session
If you present from the console regularly, set the structural blurs once and let BlurFirst Pro's per-site auto-apply re-apply them whenever you open console.firebase.google.com. Your box over the project name and switcher comes back automatically and survives the console's re-rendering as you move between Authentication, Firestore and settings. The profile stores only a CSS selector for each region, never the config, keys or user data inside it.