You should open firebase console and go to Authentication , then on the right hand side go to Sign In Method tab and then on the left hand side you will see a list of all the available ways to sign in or register. Click on the sign in method name, under the App section you will see Client ID and Client Secret which you need to configure in your security api.
You can use your custom backend which can provide JWTs in response to valid email and passwords (or whatever credentials your system accepts). You can use this custom auth token on your client to authenticate with firebase.
The benefit of this approach is that you can use security rules properly as would for normal Firebase auth users instead of locking down the database and invoking functions for every read/write (this can get expensive fast and you might face issues if using a lot of transactions and batch writes).
It is possible to use your custom backend to generate JWTs when valid email and passwords are provided (or whatever credentials your system accepts). To authenticate with Firebase, you can use this custom authentication token on your client.