How to Create a Custom Database in FlutterFlow

In FlutterFlow's left navigation, click the Firestore icon (cylinder icon) to open the Firestore panel. Click the + button to add a new collection. Name it using plural lowercase with underscores — for example: users, products, orders. For each collection, FlutterFlow shows a field editor. Every Firestore document automatically has a document ID — you do not need to add an id field manually. Add your first field by clicking + Add Field. Choose the field name (e.g., title) and type. FlutterFlow's field types map directly to Firestore: String (text), Integer (whole numbers), Double (decimals), Boolean (true/false), Timestamp (dates and times), DocumentReference (pointer to another document), LatLng (coordinates), Blob (binary data), JSON (unstructured data), Array (list of same-type values), and Map (nested key-value pairs). Create your core collections — a typical app needs users (displayName: String, email: String, createdAt: Timestamp, subscriptionTier: String), products (title: String, description: String, price: Double, imageUrl: String, stockCount: Integer, isActive: Boolean), and orders (userId: DocumentReference → users collection, total: Double, status: String, createdAt: Timestamp).

Firestore is a document database — there are no JOIN operations. Relationships are modeled in two ways. First, DocumentReference: when one document needs to point to another, add a field of type DocumentReference and specify which collection it points to. For example, on the orders collection add a field userId of type DocumentReference → users. In FlutterFlow, when you set this field, you select a specific user document, and when you query it later you can use 'Reference' in your Backend Query to get the referenced document's fields. Second, subcollections: for one-to-many relationships where you frequently query the child items in isolation, use subcollections. Example: users/{uid}/cart_items is a subcollection under each user document. In FlutterFlow's Firestore panel, click a collection → Add Subcollection → name it cart_items → add fields (productRef: DocumentReference, quantity: Integer, addedAt: Timestamp). The path users/{uid}/cart_items means each user has their own cart isolated from other users' carts — efficient to query with a single-document path filter.

Firestore automatically indexes every field for single-field queries. But if your Backend Query uses more than one field in a where clause, or combines a where clause with an orderBy on a different field, Firestore requires a composite index. Without it, the query returns an error with a direct link to create the needed index. In FlutterFlow: go to your Firestore panel → select a collection → click the Indexes tab → click Add Index. Define the fields and their sort directions. Example: to query orders where status == 'pending' ordered by createdAt descending, add a composite index on [status ASC, createdAt DESC]. You can also create indexes directly in the Firebase Console under Firestore → Indexes → Composite → Add index — use the exact error link from the Flutter console (visible in Run mode or exported code) to auto-populate the index fields. Indexes take 2-5 minutes to build. During development, keep a note of every compound query you add so you remember to create its index before deploying.

1// Example Backend Query configuration that requires a composite index:
2// Collection: orders
3// Filter: status == 'pending'  AND  userId == currentUserRef
4// OrderBy: createdAt (Descending)
5// Limit: 20
6//
7// Required composite index fields:
8// Field 1: status   Direction: Ascending
9// Field 2: userId   Direction: Ascending
10// Field 3: createdAt Direction: Descending
11//
12// Create in Firebase Console:
13// Firestore → Indexes → Composite → Add index
14// Collection ID: orders
15// Add the three fields above with their directions
16// Click Create index (builds in ~3 minutes)

If your data model requires true relational queries — JOINs between tables, foreign key constraints, aggregate functions (SUM, COUNT, AVG), or complex filtering across multiple related tables — Supabase's PostgreSQL is a better choice than Firestore. Connect Supabase in FlutterFlow: Settings → Integrations → Supabase → enter your Supabase Project URL and Anon Key (from Supabase Dashboard → Settings → API). Once connected, FlutterFlow's Backend Query panel shows a Supabase Query option. You write SQL-style queries in FlutterFlow's query builder: SELECT fields, FROM table, WHERE conditions, ORDER BY, LIMIT. Create tables in Supabase Dashboard → Table Editor → New table, or using the SQL Editor. Define foreign keys: orders.user_id → users.id for referential integrity. Important: enable Row Level Security (RLS) on every table immediately — without RLS, any authenticated user can read all data. In the SQL Editor run: ALTER TABLE orders ENABLE ROW LEVEL SECURITY; then create policies for read/write access.

FlutterFlow's Content Manager lets you add, edit, and delete Firestore documents without writing code or visiting the Firebase Console. Click the Content Manager icon in the left navigation (grid icon). Select a collection from the dropdown. Click + Add Document — a form appears with all the fields you defined. Fill in values for each field: strings, numbers, timestamps (date picker), booleans (toggle). For DocumentReference fields, a dropdown shows existing documents in the referenced collection — select the correct one. For Array fields, add comma-separated values. For Map fields, enter key-value pairs. Repeat for 3-5 documents per collection so your UI has realistic data to display during development. This is significantly faster than manually entering data in the Firebase Console. Note: Content Manager writes directly to your project's live Firestore — use a dev Firebase project during development, not your production database.

By default, new Firestore databases are created in locked mode (all reads/writes denied). You must write security rules before your app can access data. In FlutterFlow: Firestore panel → Security Rules tab → you can write rules directly here, then click Deploy. Basic rules for an authenticated app: allow read, write: if request.auth != null (any authenticated user can access everything — too permissive for production). Better user-scoped rule: for the users collection, allow read, write: if request.auth.uid == resource.data.userId. For the orders subcollection: allow read, write: if request.auth.uid == get(/databases/$(database)/documents/users/$(userId)).data.uid. Test rules in Firebase Console → Firestore → Rules → Rules Playground before deploying. Clicking 'Deploy Rules' in FlutterFlow pushes rules to Firebase immediately — changes take effect within 60 seconds.

1rules_version = '2';
2service cloud.firestore {
3  match /databases/{database}/documents {
4
5    // Users can only read/write their own user document
6    match /users/{userId} {
7      allow read, write: if request.auth != null
8                         && request.auth.uid == userId;
9    }
10
11    // Products: anyone authenticated can read, only admins write
12    match /products/{productId} {
13      allow read: if request.auth != null;
14      allow write: if request.auth != null
15                   && get(/databases/$(database)/documents/users/$(request.auth.uid)).data.role == 'admin';
16    }
17
18    // Orders: users can read/write only their own orders
19    match /orders/{orderId} {
20      allow read, write: if request.auth != null
21                         && request.auth.uid == resource.data.userId;
22      allow create: if request.auth != null
23                    && request.auth.uid == request.resource.data.userId;
24    }
25
26    // Cart items subcollection: user owns their own cart
27    match /users/{userId}/cart_items/{itemId} {
28      allow read, write: if request.auth != null
29                         && request.auth.uid == userId;
30    }
31  }
32}