If you want to consume Curb Hero data outside the embed (for example, surfacing pickup status inside your own dashboard widgets), the same endpoint works directly. It’s a single authenticated GET with CORS open to any origin.
GET https://us-central1-curbhero-bd084.cloudfunctions.net/getEmbedStatus
Authorization: Bearer <Firebase ID token>
200 OK
{
"user": { "uid": "abc", "fullName": "Priya K.", "email": "p@example.com" },
"households": [
{
"id": "h_1207",
"addressLine1": "1207 Grovewood Ln",
"locationLabel": "Eagle, ID, 83616",
"subscriptionStatus": "active",
"services": [{ "type": "trash", "frequency": "weekly", "dayOfWeek": 2 }],
"todayPickup": {
"status": "taken_out",
"driverFirstName": "Marcus",
"takeOutPhotoUrl": "https://storage.googleapis.com/...?...",
"bringBackPhotoUrl": null
}
}
],
"fetchedAt": "2026-05-19T14:42:30.000Z"
}
- →Auth. Pass a Firebase ID token in the
Authorization: Bearer … header. Tokens are ~1 hour validity; refresh in the popup flow or callauth.currentUser.getIdToken(true) on the Curb Hero origin. - →Photo URLs are signed Cloud Storage URLs valid for one hour. The endpoint signs them server-side so your code never needs the Firebase SDK or Storage rules knowledge.
- →Today.The endpoint computes “today” in UTC, matching how Curb Hero materializes scheduled pickups internally.