Firebase Auth Email Link — when and how should I migrate?
Decide how to keep Firebase Authentication email-link sign-in working on mobile after the Firebase Dynamic Links shutdown, and identify the blocker-level SDK and domain migration requirements that now apply.
Blockers
- capability/dynamic-links — EOL 2025-08-25
- Android mobile email-link authentication migration requires Firebase Authentication Android SDK 23.2.0+.
- Android mobile email-link authentication migration requires Firebase BoM 33.9.0+.
- Apple-platform mobile email-link authentication migration requires Firebase Authentication iOS SDK 11.8.0+.
- Older OAuth implementations below Firebase Authentication Android SDK 20.0.0 require upgrade to keep OAuth flows working.
- Older OAuth implementations below Firebase BoM 26.0.0 require upgrade to keep OAuth flows working.
Who this is for
- low-ops
- small-team
Candidates
Migrate Firebase Auth email-link sign-in to the Firebase Hosting default domain
As of 2026-03-26, the Firebase Dynamic Links shutdown has already occurred on August 25, 2025. Firebase documents that mobile email-link authentication must use the newer Firebase Hosting-based flow instead of Firebase Dynamic Links. For Android, Firebase says this requires Firebase Authentication Android SDK version 23.2.0+ and Firebase BoM 33.9.0+ for the new migration path; for Apple platforms, Firebase says the required minimum is Firebase Authentication iOS SDK 11.8.0+. Pricing for any Hosting or Auth usage should be checked in official docs.
When to choose
Use this when you want the lowest-friction path and you are staying on Firebase Authentication for mobile passwordless sign-in. It is the default choice when you can update all supported app versions and are fine using the project's Firebase Hosting domain for link handling.
Tradeoffs
Keeps the existing Firebase Auth product boundary and avoids adding a separate deep-link vendor. The tradeoff is accepting an unbranded firebaseapp.com or web.app link domain, which may be worse for user trust, deliverability perception, or preserving an existing branded link surface.
Cautions
Firebase states that older app versions that do not use the new Authentication SDK flow will no longer support these affected features after the shutdown. On Android, older OAuth implementations below Authentication SDK 20.0.0 or BoM 26.0.0 also require upgrade to keep OAuth flows working.
Keep Firebase Auth email-link sign-in but move to a custom Firebase Hosting domain
Firebase also supports using a custom Firebase Hosting domain for mobile email-link sign-in after the Dynamic Links shutdown. As of 2026-03-26, this is the supported way to preserve a branded domain while still using Firebase Authentication's Hosting-based replacement flow. Firebase documents that you can either set up a custom Hosting domain or re-use a former custom Dynamic Links domain as the new custom domain, but Dynamic Links-specific behavior is gone. Pricing for custom domain and related Firebase services should be checked in official docs.
When to choose
Use this when you need branded links, domain continuity, or stricter control over the link domain while remaining on Firebase Authentication. It is the better fit when the default Firebase Hosting domain is not acceptable for product, trust, or migration reasons.
Tradeoffs
Preserves brand and can reduce user-visible domain changes. The tradeoff is extra DNS, certificate, and mobile association setup and testing for the custom domain, which adds more operational surface area than using the default Firebase Hosting domain.
Cautions
Firebase states that re-used custom Dynamic Links domains no longer provide Firebase Dynamic Links functionality, including app-store fallback behavior if the app is not installed. You still need to update app handling and ActionCodeSettings to use the new Hosting-based linkDomain.
Try with your AI agent
$ npm install -g pocketlantern $ pocketlantern init # Restart Claude Code, Cursor, or your MCP client, then ask: # "Firebase Auth Email Link — when and how should I migrate?"