Firefox Accounts is the authentication and authorization system for Cloud Services at Mozilla, providing access to services such as Firefox Sync and Firefox Hello.
This documentation is for contributors wanting to help develop and maintain the Firefox Accounts service. We have separate documentation for other purposes:
Using your Firefox Account
More information is available on Mozilla's support site.
Integrating with Firefox Accounts
Developing a service that needs Firefox Accounts authentication? Head on over to the Firefox Accounts portal on MDN for a description of the system, how it works, and how to plug into it.
Note that all services integrating with Firefox Accounts require approval (and access credentials) from Mozilla. We are not yet offering Firefox Accounts authentication to third-party reliers on the web.
People and Places
These fine folks are the globally distributed team at the core of Firefox Accounts development, and will be happy to help answer any questions you might have:
- Ryan Kelly - Engineering (Melbourne, approx UTC+10)
- Shane Tomlinson - Engineering (London, approx UTC)
- Vlad Filippov - Engineering (Toronto, approx UTC-5)
- Vijay Budhram - Engineering (Orlando, approx UTC-5)
- Phil Booth - Engineering (London, approx UTC)
- John Morrison - Operations (Mountain View, approx UTC-8)
- Jon Buckley - Operations (Toronto, approx UTC-5)
- Ryan Feeley - UX (Toronto, approx UTC-5)
- Chris Karlof - Identity Services Manager (San Francisco, approx UTC-8)
- Alex Davis - Product Manager (Mountain View, approx UTC-8)
We meet regularly to triage bugs and make grand plans for the future. Anyone is welcome to join us in the following forums:
- Regular video meetings, as noted on the project calendar and with minutes in the coordination Google Doc
- The Firefox Accounts mailing list
- The #fxa channel on Mozilla IRC
We mostly follow a micro-services architecture, with each component of the system being developed in a separate repository. The main components fit together like so:
Most repositories are available via GitHub.
You can read more about the details of our development process.
Core Servers and Libraries
- hosting login and create account pages
- hosting password reset pages
- hosting landing pages for email verification links
- hosting UI pages for the OAuth login flow
- latest: https://latest.dev.lcip.org/
- stable: https://stable.dev.lcip.org/
- prod: https://accounts.firefox.com/
fxa-js-client and at one time called "Gherkin".
- The Auth Server provides an HTTP API that:
  - authenticates the user
  - enables the user to authenticate to other services via BrowserID assertions
  - enables change and reset password operations
- The OAuth Server provides an HTTP API that:
  - accepts BrowserID assertions from the auth-server as authentication
  - implements a standard OAuth2 token-granting flow
A server that provides common profile-related data for a Firefox Account, such as name, avatar, location, age, gender, etc.
Database service that includes the database API, as well as MySQL and Memory backends.
- FxA uses the Customs Server to detect and mitigate fraud & abuse.
- Deployment: currently pulled in by the auth server as an npm dependency
- fxa-relier-client [DEPRECATED]
- fxa-auth-db-mem [DEPRECATED]
- fxa-auth-db-server [DEPRECATED]
- browserid-verifier - FxA enables clients to generate BrowserID assertions on behalf of the user. FxA provides a hosted verifier for verifying these assertions.
For detailed server and deployment information see this MDN page.
Most of our work takes place on GitHub, and we use waffle.io to provide an overview of bug status and activity:
If you have found a bug in FxA, please file it via the dashboard above.
There is also a "Core/FxAccounts" bugzilla component that covers the accounts code inside Firefox itself, and a "Server: Firefox Accounts" component for when FxA code interacts with parts of Mozilla that operate out of bugzilla: