Customizing the authentication flow using asynchronous functions

This document shows you how to extend Identity Platform authentication using asynchronous Cloud Functions.

Asynchronous functions let you trigger non-blocking tasks in response to user creation and deletion. They are useful for starting long-running operations or performing auxiliary tasks, like sending a welcome email.

To directly modify the result of an authentication operation; see Extending authentication with blocking functions.

Before you begin

Create an app with Identity Platform. See the Quickstart to learn how.

Creating an asynchronous function

To create and deploy an asynchronous function, follow the steps in Get started: write, test, and deploy your first functions.

Responding to user creation

The onCreate event triggers whenever a user account is created. This includes anonymous sessions and accounts created with the Admin SDK. The function does not trigger when a user signs in for the first time using a custom token.

The following example shows how to register a handler for onCreate:


exports.myFunction = functions.auth.user().onCreate((user) => {
  // TODO.

Responding to user deletion

The onDelete event triggers whenever a user account is deleted. The following example shows how to register a handler for onDelete:


exports.myFunction = functions.auth.user().onDelete((user) => {
  // TODO.

Getting user information

The onCreate and onDelete events provide User and EventContext objects that contain information about the created or deleted user. For example:


exports.myFunction = functions.auth.user().onCreate((user, context) => {
  const email =; // The email of the user.
  const displayName = user.displayName; // The display name of the user.

See the UserRecord API reference and the EventContext API reference for a list of available fields.

What's next