100

Firebase auth was working fine, the debug build suddenly started failing without any change of code, logging the folloing message

D/PhoneAuthActivity( 7392): signInWithCredential:failure:com.google.firebase.auth.FirebaseAuthException: This app is not authorized to use Firebase Authentication. Please verifythat the correct package name and SHA-1 are configured in the Firebase Console. [ App validation failed ].

The only notable action inbetween a successful login and failure is android studio upgrade.

Improve this question
1

27 Answers 27

Reset to default
214

UPDATE (12th May 2022):

  • Find SHA1 and SHA-256 BOTH the certificate fingerprints from the play store console.

Play store Console > Your project > Release > Setup > App integrity

SHA1 and SHA256 from play-store console

  • Place BOTH SHA1 and SHA-256 fingerprints to your firebase app one by one.

Firebase Console > Your project > Settings of the app > Add Fingerprint

Fingerprints added to be in Firebase console

Ref: Authenticating Client Using Play App Signing

TAKE CARE BELOW POINTS

  1. Also insert local SHA1 and SHA-256. Get it by ./gradlew signingReport . Get more info from here.
  2. If you are using an Emulator for phone OTP verification, it won't work since it does not have a sim. So try installing it on your mobile(with sim).
  3. Enable app verification step is followed properly. and Android Device Verification is ENABLED.
  4. Make sure the correct project is selected from drop-down while enabling Android Device Verification.
  5. BOTH SHA-1 and SHA-256 fingerprints to be added in the Firebase project.
  6. After doing all the stuff, Please make sure you are using the latest/updated google-services.json file.
Improve this answer
8
  • 4
    Yes, I believe this is the big source of confusion in 2019. Some Firebase/React tutorial is telling you to get a SHA fingerprint from your release key, using the keytool, BUT actually you signed for "letting Google manage your app certificate" on the Play Console, so thats the thing you have to copy and paste on Firebase Console.
    – Hugo
    Sep 9, 2019 at 13:11
  • 1
    For myself, I had to paste the actual SHA1 from android studio
    – Dewsworld
    Oct 21, 2019 at 7:54
  • Using debug mode on a real device, I tried all the steps in the answer (add the fingerprint from play console and debug), but I am still getting an error: Error: [auth/app-not-authorized] This app is not authorized to use Firebase Authentication. Please verify that the correct package name and SHA-1 are configured in the Firebase Console. [ A safety_net_token was passed, but no matching SHA-256 was registered in the Firebase console. Please make sure that this application’s packageName/SHA256 pair is registered in the Firebase Console. ]
    – Rabbi Shuki Gur
    Oct 28, 2021 at 11:27
  • @RabbiShukiGur, For debug build, you don't need to follow all these steps. you just need to get SHA1 fingerprints from Android Studio.
    – Rumit Patel
    Nov 10, 2021 at 13:25
  • 1
    developers.google.com/android/guides/client-auth
    – exilonX
    Jan 26, 2022 at 12:38
72

When you updated Android Studio, the debug key which is used to sign debug apps might have changed. Just add the new SHA-1 checksum of your debug key in the firebase console.

Easiest way would be to connect/sync to firebase from

Tools>Firebase>Authentication>Connect>Sync

If you want to do it manually or for release keystore, first generate SHA-1 checksum using following command:

keytool -list -v -keystore KEYSTORE_PATH -alias ALIAS_NAME

Then copy the SHA-1 checksum and go to:

Firebase Console > Your project > Settings of the app > Add Fingerprint

For more info, read this guide: Authenticating Your Client | Google APIs for Android

Improve this answer
7
  • 5
    But this error is coming for signed apk. i have implemented firebase and ON authentication too. it's working for debug.keystore but it's not working for SHA generated from my keyStore. strange. any other having this issue?
    – Rumit Patel
    Oct 2, 2018 at 6:21
  • 2
    I have already done this. but I found totally strange solution. I'll post it later here.
    – Rumit Patel
    Oct 2, 2018 at 8:52
  • Could you post it @RumitPatel? Experiencing the same problem.
    – gowithefloww
    Oct 27, 2018 at 15:41
  • @gowithefloww , yes, kindly wait please. will post it tomorrow probably.
    – Rumit Patel
    Oct 27, 2018 at 15:55
  • @gowithefloww , kindly check answer, probably it'll be helpful for you next time. :-)
    – Rumit Patel
    Nov 28, 2018 at 6:25
25

If you are using a Emulator for phone OTP verification it won't work since it does not have a sim. So try installing it to your mobile(with sim) and check if the error persists.

Improve this answer
2
  • How did you figure this one out?
    – ravish.hacker
    Jul 11, 2020 at 20:50
  • 2
    I had tried it on the emulator but it was not working.Then i thought the problem is with the virtual mobile and so installed it on the real mobile it worked.
    – rakshit ks
    Jul 13, 2020 at 1:24
16

In case of Linux/Mac OS based Machine

Step 1: Go to Physical File Directory of your project in your file system

Step 2: Go to Your project> android>

Step 3: Press right click and open a new terminal in this directory

As shown in the image

Step 4: Run command './gradlew signingReport'

Step 5: Copy your SHA-1 key or SHA-56 key

Step 6: Go to Firebase Console> Your project> Project Settings> Add Fingerpring

Step 7: Paste your SHA-1 key or SHA-56 key and save.

Now, you are good to go.

Thanks.

Improve this answer
3
  • 2
    101% solution of the problem
    – Shiva Yadav
    Jun 13, 2020 at 15:45
  • 1
    if you're in android directory, it's just gradlew signingReport not ./gradlew signingReport
    – Zhangir Siranov
    Jun 16, 2020 at 11:08
  • 1
    @ZhangirSiranov that is for windows
    – Azizur Rehman
    Aug 8, 2023 at 15:10
9

Ok i just figured out the issue.. If you are using Play Store app signing, then the SHA1 from you distributed app will be different from the one you are using locally. Make sure you add the SHA1 key from Play Console to your app in the Firebase Console.

Improve this answer
4
  • 1
    Also, the google-services.json file needs to be downloaded again, and added to app, after submitting to app store. Then re-upload to google play store.
    – Rowan Gontier
    Dec 27, 2019 at 3:29
  • What do you mean "re-upload to google play store?" Upload what?
    – Pete Alvin
    Jan 1, 2020 at 0:59
  • @PeteAlvin i guess he meant to download google-services.json file after adding SHA1 from Play Store app signing
    – Stanislau Buzunko
    Mar 24, 2020 at 11:11
  • @Pete Alvin He clearly meant that when you add latest google-services.json file to your project then you definitely have to upload the latest aab file to google play console.
    – Jaffar
    Apr 15 at 19:57
6

If you are using Google Internal App Sharing, please note that Google automatically signs your builds with a totally different certificate as stated here, you'll need to find the signing certificate information that is automatically provided for your application build by Google.

To find the certificate;

  1. Sign in to your Play Console.
  2. Select your app.
  3. On the left menu, select Development tools > Internal app sharing.
  4. Select the “App certificate” tab, and then copy the SHA-1 to your firebase console.
Improve this answer
2
  • spent days rummaging around GCP before i stumbled across your answer. All i had to do was scroll down sigh. Thanks @Roach
    – Nathany Attipoe
    Jun 22, 2021 at 23:45
  • Glad I could help @NathanyAttipoe
    – Roach
    Jun 23, 2021 at 6:54
5

You can also get the SHA1 and SHA-256 of your signing certificate using the Gradle signingReport command:

./gradlew signingReport

Now add the SHA1 and SHA-256 in the project setting in firebase here.

enter image description here

Improve this answer
4

The latest error occurred

A safety_net_token was passed, but no matching SHA-256 was registered in the Firebase console. Please make sure that this application’s packageName/SHA256 pair is registered in the Firebase Console.

Solution is :

Add also SHA256 in project settings of Firebase Console.

Improve this answer
1
  • Exact solution, I was having same problem, solved using SHA256 to firebase.
    – Vishva Vijay
    Feb 15, 2021 at 9:50
3

Update your app Fingerprint in firebase it works for me.

Step 1: Get the latest SHA-1 by running this command in terminal For Linux or macOS:

keytool -list -v -keystore ~/.android/debug.keystore -alias androiddebugkey -storepass android -keypass android

For Windows:

keytool -list -v -keystore "%USERPROFILE%\.android\debug.keystore" -alias androiddebugkey -storepass android -keypass android

Step 2: Go to Firebase Console and delete recently added Fingerprints

Firebase Console > Your project > Project Settings > Delete Fingerprint

Next: Firebase Console > Your project > Project Settings > Add Fingerprint Paste new SHA-1 Fingerprint and save. It will work fine now.

Improve this answer
3

This took me two days. I tried the accepted solution (by Nabin Bhandari) but that didn't work for me. Then finally managed to do it as follows.

  1. Go to "Build> Generate Signed Bundle/APK".

  2. If you wish to upload app to play store select "Android App Bundle", otherwise you can use "APK". Then go next.

  3. Now in "Key store path" click "CREATE NEW". Enter the details in dialog box. When you click "OK", you have your key files generated.

  4. Enter the key path, password etc.

  5. Select "debug" or "release" as desired. After this, your signed apk is generated at [project Directory]\app\debug.

  6. Now generate SHA-1 key using (as suggested by: Nabin):

    keytool -list -v -keystore KEYSTORE_PATH -alias ALIAS_NAME

  7. Use adb install app-debug.apk to install the app in the device. Now the app will work.

Dev/Debugging Tip: Install signed APK when Run is used.
When you click run again the signed app is overwritten and you might face the problem again. So there is a need to install signed apk when Run 'app' is clicked.

Add these values to your .gradle file (Module:app):

signingConfigs{
    debug{
        keyAlias 'your key alias'
        keyPassword 'your keypassword'
        storeFile file('keystore path')
        storePassword 'your storepassword'
    }
}

Ref: see here

Improve this answer
1
  • didn't worked for me, still same error.
    – Jaffar
    Oct 27, 2023 at 16:26
2

I am late but it's help to others.

This problem is occur when you use generate signed apk or may be in debug mode you forgot to save SHA-1 & SHA-256 in firebase console.

   The solution for generate signed apk is: Your app must be available on your google 
   play console (Google play store). Copy SHA-1 available in google play console > App 
   Signing and save in firebase console.
Improve this answer
2
  • How do you access the SHA-1 in Google Play Console?
    – Mark Lapasa
    Mar 22, 2021 at 21:20
  • nvm - it's Google Play Console -> Select App -> Setup -> App Integrity -> App signing key certificate -> SHA-1
    – Mark Lapasa
    Mar 22, 2021 at 21:22
1

I have got the same issue and solve as follow

Generate .keystore file like in this document https://facebook.github.io/react-native/docs/signed-apk-android

generated SHA-1 key by this command

keytool -list -v –keystore [PATH]\android\app\my-upload-key.keystore

And copy the SHA1 key under certificate fingerprints and add it firebase app settings->genaral tab->your app section->SHA certificate fingerprints

Improve this answer
1

I am posting it late but it's a very simple trick i have found Download this Key Explorer And explore your App signing key(.jks), You'll be able to get SHA-1 & other Keys also. Now copy your SHA-1 from here and add it to firebase console. Steps: Firebase Console > Your project > Project Settings > Add Fingerprint Paste your SHA-1 and save it.

The reason is of this error is while we do testing for debug-apk it uses local systems SHA(that we had already updated over firebase console) but when when it's Release-build & live on Play store, it uses SHA from SigningKey(.jks). So we have to update both fingerprints on console.

Improve this answer
1

Before, we could achieve user sign-in in our released app just by using our app's sha-1 certificate,could be generated by android studio. But now, we need to add the sha-1 certificate from the play console's app signing certificate to our firebase's project setting.

And the steps are already answered above by our fellows.

Improve this answer
1

If you are working with react-native. Please find correct debug.keystore which avaialbe in android -> app -> ./debug.keystore

I recommended to use this tool to find sha-1 and sha256.

https://keystore-explorer.org/downloads.html

I use "./gradlew signingReport" command but it's not give me correct details. It's may some error from my side but i strongly recommended to confirm you sha's (sha1 and sha256) detail with following tool .

https://keystore-explorer.org/downloads.html

Improve this answer
1

I had the SHA-1 and SHA-256 fingerprints for app. But still I was getting the error. Well, I had the fingerprints for my PRODUCTION keystore. When I added a new set of fingerprints for my debug keystore - it all worked just fine

Improve this answer
0

I think this is the easiest solution

See SHA-1 certificate fingerprint from App signing from play store console

  • Play console>Release dashboard>App signing>>Copy SHA-1 key[![How to get SHA-1 Key from Google play console] 1:[ https://i.stack.imgur.com/QvlnC.jpg]How to add SHA-1 key from Play Console to Firebase app

How to add SHA-1 key from Play Console to Firebase app]

Improve this answer
0

feature doesnt work on emulator even your mobile number is in physical device you must have to use a physical device to use phone authentication... you issue must be solved if you set up SHA1 key perfectly and still getting this exception

Improve this answer
0

I've had this same issue for days. After trying every possible solution I found out my firebase-auth dependency version was (19.3.1) and when I change it to the latest i.e (20.0.3 right now) it worked fine.

Improve this answer
0

Step 1 Open the android studio and click on Gradle at top of the right-hand side.

Step 2 Click on signingReport OR search it in Gradle(check the diagram)

Step 3 Copy the SHA-1 from bottom

First Image

Step 4 go to the firebase console and open your project setting in firebase.

Secound Image

Step 5 click on AddFingurePrint and paste the SHA1

Step 6 Again go to android studio and copy the SHA-256 and click on addFingurePrint button a second time and past it and save it

Improve this answer
0

Just add a SHA1 and SHA-256 into your firebase fingerprint

Step1: Run this command into your project terminal "cd .\android" and then keytool -list -v -keystore c:\Users\User_name.android\debug.keystore -alias androiddebugkey -storepass android -keypass android You will get a SHA keys Step 2: Copy those keys and add them inside the firebase fingerprint inside Project settings->users

Improve this answer
1
  • 1
    As it’s currently written, your answer is unclear. Please edit to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers in the help center.
    – Community Bot
    Mar 9, 2022 at 15:18
0

The same I had experienced, what happened was , I have newly install windows , therefore debug SHA keys changed, I added new debug sha1,sha256 to firebase console ,

to get SHA keys terminal run cd android , then below Code & pressed with ctrl button

./gradlew signingReport,

if this not works open project level build.gradle file , in top left click open for edit in Android Studio

it will take some time to load then run ./gradlew signingReport

Improve this answer
0

If you are working on react native project. goto ./android directory of your project then type

./gradlew signingReport

here you will find a number of SHA-256 and SHA-1, And if you are using debug application you have to select the SHA-256 or SHA-1 from the block Variant: debug, Config: debug as given below:

> Task :app:signingReport
Variant: debug   *<- Match this one (debug)*
Config: debug    *<- Match this one (debug)*
Store: ~/.android/debug.keystore
Alias: AndroidDebugKey
MD5: A5:88:41:04:8D:06:71:6D:FE:33:76:87:AC:AD:19:23
SHA1: A7:89:E5:05:C8:17:A1:22:EA:90:6E:A6:EA:A3:D4:8B:3A:30:AB:18
SHA-256: 05:A2:2C:35:EE:F2:51:23:72:4D:72:67:A5:6C:8C:58:22:2A:00:D6:DB:F6:45:D5:C1:82:D2:80:A4:69:A8:FE
Valid until: Wednesday, August 10, 2044
Improve this answer
0

If your app is running on emulater but not working on device then maybe the problem is of target API level requirement please make sure you run your app on target device as well.

Improve this answer
0

if you already added SHA-256 and SHA-1 to your project firebase and problem stil exists then try to run the app on your mobile phone not emulator

Improve this answer
0

I also face this problem while using firebase phone number authentication service on flutter mobile app but it the problem is fixed when I change the emulator.

Improve this answer
0

I had SHA-1 Added in Firebase Console with 3 variants:

  • Debug
  • Release (using keytool)
  • Google Play SHA-1

and still getting the same issue. Here is how I resolved it:

I went to Google Cloud Console > My Project > API & Services > Credentials and I noticed by comparing two Firebase Projects that the new project does NOT have OAuth 2.0 Client Id.

So I created a new OAuth2.0 Client ID

And added my Release SHA-1 and the package name

Firebase SHA-1 Cloud Console

Create another key but with the SHA-1 from Google Play Console

After that you will have to re-download the google-services.json file from Firebase Console and I noticed that this new file is different from the old one since it has OAuth data.

Lastly, add the new google-services.json to your Android project, Clean the Project, Generate Signed APK and voila!

Improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.