firebase · srushtisv · Jun 26, 2025 · Jun 13, 2025 · Jun 23, 2025 · Jun 23, 2025
diff --git a/FirebaseAuth/Sources/Swift/Auth/Auth.swift b/FirebaseAuth/Sources/Swift/Auth/Auth.swift
@@ -1645,7 +1645,7 @@ extension Auth: AuthInterop {
   init(app: FirebaseApp,
        keychainStorageProvider: AuthKeychainStorage = AuthKeychainStorageReal.shared,
        backend: AuthBackend = .init(rpcIssuer: AuthBackendRPCIssuer()),
-       authDispatcher: AuthDispatcher = .init()) {
+       authDispatcher: AuthDispatcher = .init(), tenantConfig: TenantConfig? = nil) {
     self.app = app
     mainBundleUrlTypes = Bundle.main
       .object(forInfoDictionaryKey: "CFBundleURLTypes") as? [[String: Any]]
@@ -1668,7 +1668,8 @@ extension Auth: AuthInterop {
                                                     appID: app.options.googleAppID,
                                                     auth: nil,
                                                     heartbeatLogger: app.heartbeatLogger,
-                                                    appCheck: appCheck)
+                                                    appCheck: appCheck,
+                                                    tenantConfig: tenantConfig)
     self.backend = backend
     self.authDispatcher = authDispatcher
 
@@ -2428,3 +2429,38 @@ extension Auth: AuthInterop {
   /// Mutations should occur within a @synchronized(self) context.
   private var listenerHandles: NSMutableArray = []
 }
+
+/// Regionalized auth
+@available(iOS 13, tvOS 13, macOS 10.15, macCatalyst 13, watchOS 7, *)
+public extension Auth {
+  /// Gets the Auth object for a `FirebaseApp` configured for a specific Regional Google Cloud
+  /// Identity Platform (R-GCIP) tenant.
+  ///
+  /// Use this method to create an `Auth` instance that interacts with a regionalized
+  /// authentication backend instead of the default endpoint.
+  ///
+  /// - Parameters:
+  ///   - app: The Firebase app instance.
+  ///   - tenantConfig: The configuration for the R-GCIP tenant, specifying the tenant ID and its
+  /// location.
+  /// - Returns: The `Auth` instance associated with the given app and tenant config.
+  static func auth(app: FirebaseApp, tenantConfig: TenantConfig) -> Auth {
+    return Auth(app: app, tenantConfig: tenantConfig)
+  }
+
+  /// Holds configuration for a Regional Google Cloud Identity Platform (R-GCIP) tenant.
+  struct TenantConfig: Sendable {
+    public let tenantId: String
+    public let location: String
+
+    /// Initializes a `TenantConfig` instance.
+    ///
+    /// - Parameters:
+    ///   - tenantId: The ID of the tenant.
+    ///   - location: The location of the tenant. Defaults to "prod-global".
+    public init(tenantId: String, location: String = "prod-global") {
+      self.location = location
+      self.tenantId = tenantId
+    }
+  }
+}
diff --git a/FirebaseAuth/Sources/Swift/Backend/AuthRequestConfiguration.swift b/FirebaseAuth/Sources/Swift/Backend/AuthRequestConfiguration.swift
@@ -44,15 +44,22 @@ final class AuthRequestConfiguration {
   /// If set, the local emulator host and port to point to instead of the remote backend.
   var emulatorHostAndPort: String?
 
+  /// The regionalized GCIP tenant configuration, if provided.
+  /// This property contains tenant ID and location for regionalized GCIP services
+  /// It's non-`nil` only when the `Auth` instance is initialized with `TenantConfig`.
+  let tenantConfig: Auth.TenantConfig?
+
   init(apiKey: String,
        appID: String,
        auth: Auth? = nil,
        heartbeatLogger: FIRHeartbeatLoggerProtocol? = nil,
-       appCheck: AppCheckInterop? = nil) {
+       appCheck: AppCheckInterop? = nil,
+       tenantConfig: Auth.TenantConfig? = nil) {
     self.apiKey = apiKey
     self.appID = appID
     self.auth = auth
     self.heartbeatLogger = heartbeatLogger
     self.appCheck = appCheck
+    self.tenantConfig = tenantConfig
   }
 }