82

Firebase auth was working fine, the debug build suddenly started failing without any change of code, logging the folloing message

D/PhoneAuthActivity( 7392): signInWithCredential:failure:com.google.firebase.auth.FirebaseAuthException: This app is not authorized to use Firebase Authentication. Please verifythat the correct package name and SHA-1 are configured in the Firebase Console. [ App validation failed ].

The only notable action inbetween a successful login and failure is android studio upgrade.

Nabin Bhandari
  • 15,064
  • 6
  • 44
  • 55
ishandutta2007
  • 14,798
  • 14
  • 81
  • 114

21 Answers21

160

UPDATE (12th May 2022):

  • Find SHA1 and SHA-256 BOTH the certificate fingerprints from the play store console.

Play store Console > Your project > Release > Setup > App integrity

SHA1 and SHA256 from play-store console

  • Place BOTH SHA1 and SHA-256 fingerprints to your firebase app one by one.

Firebase Console > Your project > Settings of the app > Add Fingerprint

Fingerprints added to be in Firebase console

Ref: Authenticating Client Using Play App Signing

TAKE CARE BELOW POINTS

  1. Also insert local SHA1 and SHA-256. Get it by ./gradlew signingReport . Get more info from here.
  2. If you are using an Emulator for phone OTP verification, it won't work since it does not have a sim. So try installing it on your mobile(with sim).
  3. Enable app verification step is followed properly. and Android Device Verification is ENABLED.
  4. Make sure the correct project is selected from drop-down while enabling Android Device Verification.
  5. BOTH SHA-1 and SHA-256 fingerprints to be added in the Firebase project.
  6. After doing all the stuff, Please make sure you are using the latest/updated google-services.json file.
Rumit Patel
  • 4,807
  • 11
  • 42
  • 54
  • 10
    Tried multiple suggestions. This was the only one that works! +1 – Ally Jr Jan 06 '19 at 11:53
  • 9
    This was the only one that ever made sense. – Prativa Jun 17 '19 at 11:55
  • 3
    Yes, I believe this is the big source of confusion in 2019. Some Firebase/React tutorial is telling you to get a SHA fingerprint from your release key, using the keytool, BUT actually you signed for "letting Google manage your app certificate" on the Play Console, so thats the thing you have to copy and paste on Firebase Console. – Hugo Sep 09 '19 at 13:11
  • 7
    This is the best answer – Jean Eric Oct 15 '19 at 11:42
  • 1
    For myself, I had to paste the actual SHA1 from android studio – Dewsworld Oct 21 '19 at 07:54
  • 2
    You saved my daySSS – TLee Mar 03 '20 at 15:45
  • 1
    This works perfectly without having to compile the app again, it works straight from console settings of play store and firebase.... – DragonFire Mar 10 '20 at 10:10
  • This help even after publishing the app to the store – Khaled Alhayek Apr 12 '20 at 15:37
  • This will take the time or direct update. I perform the above steps but getting the same error – Maulik Santoki Jun 08 '20 at 05:01
  • @MaulikSantoki It should not take more then hour. – Rumit Patel Jun 23 '20 at 10:01
  • 3
    Thanks a lot. This was the best answer – Vishal Singh Jul 20 '20 at 19:18
  • Also be aware if it's your debug keytool to be used. – ymerdrengene Aug 23 '20 at 16:42
  • 1
    For more info - App signing has changed to App integrity in New Play Console. This answer is better for me. It doesn't include publishing the app again and wait for review. – Khan Sharukh Feb 12 '21 at 13:21
  • @KishanSolanki I also had this issue, but in my case, I was trying on Emulator. It was working fine on a real device. – Rumit Patel Mar 25 '21 at 15:11
  • @RumitPatel I know brother that we should test it on a real device. Leave real device, I am testing it in the live version of the application (not in debug) and still not working. It seems an old answer. If you try this now (today), it won't work. – Kishan Solanki Mar 26 '21 at 04:05
  • @KishanSolanki This is not an old answer, Just need to update it with some additional info. Actually, A step is added called [Enable app verification.](https://firebase.google.com/docs/auth/android/phone-auth#enable-app-verification). Another thing is to add Sha-256 on Firebase console. and it's done. let me know if still issue persists, I would happy to help. :-) – Rumit Patel Mar 26 '21 at 05:16
  • @RumitPatel you know what, I have already added that also. But after that, I am facing a new problem. I did also asked the question over StackOverflow, here is the link https://stackoverflow.com/q/66757620/8874958 , Check if you can help. – Kishan Solanki Mar 26 '21 at 05:38
  • 2
    Thanks. Adding the SHA-256 fingerprint (to the existing SHA-1) was enough for me – wamfous Apr 07 '21 at 14:43
  • Please update the answer that this step is mandatory if you have opted for Google Managed App Signing Key otherwise you can get the Sign details using `signingReport` gradle task and add the SHAs to firebase or even using `apksigner -verify --print-certs ` – guneetgstar Apr 18 '21 at 06:24
  • @guneetgstar, correct. But most of the projects on google-play opted for *App Signing Key* – Rumit Patel Apr 18 '21 at 17:15
  • Most but not all. As I told keys can be extracted in other ways so someone might still end up adding the wrong key if he doesn't know if the app he is publishing has already opted for the `Google App Signing key` – guneetgstar Apr 19 '21 at 11:37
  • Can anybody explain the difference between Play Store SHA and key tool SHA? Very confusing which to go – Watanabe.N May 13 '21 at 15:04
  • @ishandutta2007 should mark this as the right answer! – Emad Jul 05 '21 at 07:15
  • This worked for me. even I generated SHA1 and SHA-256 for signed APK from android studio and added to firebase but didn't work. Then I followed this solution and worked!!!!! – waseem Aug 25 '21 at 07:10
  • During development, did anyone tried using emulator to view the console but the phone number entered was actually sent to a real device? Of course the Emulator doesn't have a sim but the phone number entered is a valid one. Which means I am using an emulator device and a real device at the same time. – 4 Leave Cover Sep 18 '21 at 09:03
  • 1
    Thanks a lot, somehow we missed it, this answer saved our day. – Fahad Sep 20 '21 at 11:57
  • I have a major problem regarding this solution. On my devices this worked like charm, I signed up for testing of my app to get my app from the app store. However, my customer (who gets the app in the same way like me) is complaining about getting this error. We had this error before, then I did this. It was fixed for me, but it was not for any of my customers. What could be the root cause of this, please? – Martin Braun Sep 23 '21 at 21:21
  • @MartinBraun , I faced the same issue couple of times. I don't know the root cause but I removed all the `SHA-1` and `SHA-256` and re-inserted them and it worked. And yes, please make sure you are using the latest `google-services.json` file. try to update it too. Note: Please update the `google-services.json` file after re-inserting `SHA-1` and `SHA-256` entries. – Rumit Patel Oct 08 '21 at 10:08
  • 1
    @RumitPatel Thanks a lot. I think I really messed up with the `google-services.json`. I did exactly what you told me and now it works. – Martin Braun Oct 09 '21 at 12:43
  • 1
    Thanks. This solution is well explained and actually works! – Teckchun Oct 19 '21 at 08:51
  • Using debug mode on a real device, I tried all the steps in the answer (add the fingerprint from play console and debug), but I am still getting an error: Error: [auth/app-not-authorized] This app is not authorized to use Firebase Authentication. Please verify that the correct package name and SHA-1 are configured in the Firebase Console. [ A safety_net_token was passed, but no matching SHA-256 was registered in the Firebase console. Please make sure that this application’s packageName/SHA256 pair is registered in the Firebase Console. ] – Rabbi Shuki Gur Oct 28 '21 at 11:27
  • @RabbiShukiGur, For debug build, you don't need to follow all these steps. you just need to [get SHA1 fingerprints from Android Studio.](https://stackoverflow.com/a/33479550/2289835) – Rumit Patel Nov 10 '21 at 13:25
  • 1
    https://developers.google.com/android/guides/client-auth – exilonX Jan 26 '22 at 12:38
  • I believe the above steps are relevant if you are using playstore to download the app. If you are using flutter run --release from local machine, do playstore SHA keys still need updating? I am havig the same error but I am running the release version locally. – Damandroid Feb 28 '22 at 11:01
  • 1
    This was the best answer. It actually works without having to update the app though it is expected that you will update your google-services.json file – Lightwaxx May 27 '22 at 06:47
67

When you updated Android Studio, the debug key which is used to sign debug apps might have changed. Just add the new SHA-1 checksum of your debug key in the firebase console.

Easiest way would be to connect/sync to firebase from

Tools>Firebase>Authentication>Connect>Sync

If you want to do it manually or for release keystore, first generate SHA-1 checksum using following command:

keytool -list -v -keystore KEYSTORE_PATH -alias ALIAS_NAME

Then copy the SHA-1 checksum and go to:

Firebase Console > Your project > Settings of the app > Add Fingerprint

For more info, read this guide: Authenticating Your Client | Google APIs for Android

Nabin Bhandari
  • 15,064
  • 6
  • 44
  • 55
  • 5
    But this error is coming for signed apk. i have implemented firebase and ON authentication too. it's working for debug.keystore but it's not working for SHA generated from my keyStore. strange. any other having this issue? – Rumit Patel Oct 02 '18 at 06:21
  • 2
    I have already done this. but I found totally strange solution. I'll post it later here. – Rumit Patel Oct 02 '18 at 08:52
  • Could you post it @RumitPatel? Experiencing the same problem. – gowithefloww Oct 27 '18 at 15:41
  • @gowithefloww , yes, kindly wait please. will post it tomorrow probably. – Rumit Patel Oct 27 '18 at 15:55
  • @gowithefloww , kindly check answer, probably it'll be helpful for you next time. :-) – Rumit Patel Nov 28 '18 at 06:25
  • I was not able to sync also with the project – tenTen Mar 12 '20 at 19:12
  • We are using flutter, so we are getting below error, any advise? Could not find the Android Application module. Only Android Application Modules can be connected to Firebase online projects. Create a new Android Application Module or create/import a different Android Studio project – Fahad Sep 20 '21 at 12:14
22

If you are using a Emulator for phone OTP verification it won't work since it does not have a sim. So try installing it to your mobile(with sim) and check if the error persists.

rakshit ks
  • 402
  • 5
  • 13
12

In case of Linux Machine

Step 1: Go to Physical File Directory of your project in your file system

Step 2: Go to Your project> android>

Step 3: Press right click and open a new terminal in this directory

As shown in the image

Step 4: Run command './gradlew signingReport'

Step 5: Copy your SHA-1 key or SHA-56 key

Step 6: Go to Firebase Console> Your project> Project Settings> Add Fingerpring

Step 7: Paste your SHA-1 key or SHA-56 key and save.

Now, you are good to go.

Thanks.

Shiva Yadav
  • 20
  • 1
  • 9
9

Ok i just figured out the issue.. If you are using Play Store app signing, then the SHA1 from you distributed app will be different from the one you are using locally. Make sure you add the SHA1 key from Play Console to your app in the Firebase Console.

Chris
  • 91
  • 1
  • 1
6

If you are using Google Internal App Sharing, please note that Google automatically signs your builds with a totally different certificate as stated here, you'll need to find the signing certificate information that is automatically provided for your application build by Google.

To find the certificate;

  1. Sign in to your Play Console.
  2. Select your app.
  3. On the left menu, select Development tools > Internal app sharing.
  4. Select the “App certificate” tab, and then copy the SHA-1 to your firebase console.
Roach
  • 611
  • 1
  • 8
  • 13
4

The latest error occurred

A safety_net_token was passed, but no matching SHA-256 was registered in the Firebase console. Please make sure that this application’s packageName/SHA256 pair is registered in the Firebase Console.

Solution is :

Add also SHA256 in project settings of Firebase Console.

Pratik Butani
  • 56,749
  • 54
  • 254
  • 407
3

This took me two days. I tried the accepted solution (by Nabin Bhandari) but that didn't work for me. Then finally managed to do it as follows.

  1. Go to "Build> Generate Signed Bundle/APK".

  2. If you wish to upload app to play store select "Android App Bundle", otherwise you can use "APK". Then go next.

  3. Now in "Key store path" click "CREATE NEW". Enter the details in dialog box. When you click "OK", you have your key files generated.

  4. Enter the key path, password etc.

  5. Select "debug" or "release" as desired. After this, your signed apk is generated at [project Directory]\app\debug.

  6. Now generate SHA-1 key using (as suggested by: Nabin):

    keytool -list -v -keystore KEYSTORE_PATH -alias ALIAS_NAME

  7. Use adb install app-debug.apk to install the app in the device. Now the app will work.

Dev/Debugging Tip: Install signed APK when Run is used.
When you click run again the signed app is overwritten and you might face the problem again. So there is a need to install signed apk when Run 'app' is clicked.

Add these values to your .gradle file (Module:app):

signingConfigs{
    debug{
        keyAlias 'your key alias'
        keyPassword 'your keypassword'
        storeFile file('keystore path')
        storePassword 'your storepassword'
    }
}

Ref: see here

Shivam Agarwal
  • 113
  • 1
  • 6
3

Update your app Fingerprint in firebase it works for me.

Step 1: Get the latest SHA-1 by running this command in terminal For Linux or macOS:

keytool -list -v -keystore ~/.android/debug.keystore -alias androiddebugkey -storepass android -keypass android

For Windows:

keytool -list -v -keystore "%USERPROFILE%\.android\debug.keystore" -alias androiddebugkey -storepass android -keypass android

Step 2: Go to Firebase Console and delete recently added Fingerprints

Firebase Console > Your project > Project Settings > Delete Fingerprint

Next: Firebase Console > Your project > Project Settings > Add Fingerprint Paste new SHA-1 Fingerprint and save. It will work fine now.

Misbakh Ahmed
  • 91
  • 1
  • 6
2

I am late but it's help to others.

This problem is occur when you use generate signed apk or may be in debug mode you forgot to save SHA-1 & SHA-256 in firebase console.

   The solution for generate signed apk is: Your app must be available on your google 
   play console (Google play store). Copy SHA-1 available in google play console > App 
   Signing and save in firebase console.
hardkgosai
  • 159
  • 1
  • 4
2

Although the step 4 in documentation asks to add SHA-1 alone,
it worked for me only when I added both keys, SHA-1 and SHA-256.

Ref - The first 5 minutes of this video solved this error that I was facing for over 5 days.

MANAN
  • 314
  • 5
  • 5
1

I have got the same issue and solve as follow

Generate .keystore file like in this document https://facebook.github.io/react-native/docs/signed-apk-android

generated SHA-1 key by this command

keytool -list -v –keystore [PATH]\android\app\my-upload-key.keystore

And copy the SHA1 key under certificate fingerprints and add it firebase app settings->genaral tab->your app section->SHA certificate fingerprints

Udara
  • 785
  • 2
  • 16
  • 35
1

I am posting it late but it's a very simple trick i have found Download this Key Explorer And explore your App signing key(.jks), You'll be able to get SHA-1 & other Keys also. Now copy your SHA-1 from here and add it to firebase console. Steps: Firebase Console > Your project > Project Settings > Add Fingerprint Paste your SHA-1 and save it.

The reason is of this error is while we do testing for debug-apk it uses local systems SHA(that we had already updated over firebase console) but when when it's Release-build & live on Play store, it uses SHA from SigningKey(.jks). So we have to update both fingerprints on console.

Kaushal Kishor
  • 396
  • 3
  • 8
1

Before, we could achieve user sign-in in our released app just by using our app's sha-1 certificate,could be generated by android studio. But now, we need to add the sha-1 certificate from the play console's app signing certificate to our firebase's project setting.

And the steps are already answered above by our fellows.

MEGHRAJ CHETIA
  • 21
  • 6
1

You can also get the SHA1 and SHA-256 of your signing certificate using the Gradle signingReport command:

./gradlew signingReport

Now add the SHA1 and SHA-256 in the project setting in firebase here.

enter image description here

Highbrow Director
  • 31
  • 4
0

Look at this thread: How to get the SHA-1 fingerprint certificate in Android Studio for debug mode?

And you will now how to get sha-1 key of your app easily (without -keytool command) and add id to Firebase console.. Then you must update your google-services.json file in your project.

N Droidev
  • 816
  • 8
  • 17
0

I think this is the easiest solution

See SHA-1 certificate fingerprint from App signing from play store console

  • Play console>Release dashboard>App signing>>Copy SHA-1 key[![How to get SHA-1 Key from Google play console] 1:[ https://i.stack.imgur.com/QvlnC.jpg]How to add SHA-1 key from Play Console to Firebase app

How to add SHA-1 key from Play Console to Firebase app]

Muji Tech
  • 17
  • 1
  • 2
0

feature doesnt work on emulator even your mobile number is in physical device you must have to use a physical device to use phone authentication... you issue must be solved if you set up SHA1 key perfectly and still getting this exception

Aravind Siruvuru
  • 789
  • 6
  • 5
0

I've had this same issue for days. After trying every possible solution I found out my firebase-auth dependency version was (19.3.1) and when I change it to the latest i.e (20.0.3 right now) it worked fine.

Dharman
  • 26,923
  • 21
  • 73
  • 125
Adam.GT
  • 1
0

Step 1 Open the android studio and click on Gradle at top of the right-hand side.

Step 2 Click on signingReport OR search it in Gradle(check the diagram)

Step 3 Copy the SHA-1 from bottom

First Image

Step 4 go to the firebase console and open your project setting in firebase.

Secound Image

Step 5 click on AddFingurePrint and paste the SHA1

Step 6 Again go to android studio and copy the SHA-256 and click on addFingurePrint button a second time and past it and save it

KAMRAN
  • 1
  • 1
0

Just add a SHA1 and SHA-256 into your firebase fingerprint

Step1: Run this command into your project terminal "cd .\android" and then keytool -list -v -keystore c:\Users\User_name.android\debug.keystore -alias androiddebugkey -storepass android -keypass android You will get a SHA keys Step 2: Copy those keys and add them inside the firebase fingerprint inside Project settings->users

Premalatha
  • 1
  • 1
    As it’s currently written, your answer is unclear. Please [edit] to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Mar 09 '22 at 15:18