This app is not authorized to use Firebase Authentication.Please verify that the correct package name and SHA-1 are configured in the Firebase Console

java android firebase android-studio firebase-authentication

85,777

Solution 1

When you updated Android Studio, the debug key which is used to sign debug apps might have changed. Just add the new SHA-1 checksum of your debug key in the firebase console.

Easiest way would be to connect/sync to firebase from

Tools>Firebase>Authentication>Connect>Sync

If you want to do it manually or for release keystore, first generate SHA-1 checksum using following command:

keytool -list -v -keystore KEYSTORE_PATH -alias ALIAS_NAME

Then copy the SHA-1 checksum and go to:

Firebase Console > Your project > Settings of the app > Add Fingerprint

For more info, read this guide: Authenticating Your Client | Google APIs for Android

Solution 2

UPDATE (12th May 2022):

Find SHA1 and SHA-256 BOTH the certificate fingerprints from the play store console.

Play store Console > Your project > Release > Setup > App integrity

Place BOTH SHA1 and SHA-256 fingerprints to your firebase app one by one.

Firebase Console > Your project > Settings of the app > Add Fingerprint

Ref: Authenticating Client Using Play App Signing

TAKE CARE BELOW POINTS

Also insert local SHA1 and SHA-256. Get it by ./gradlew signingReport . Get more info from here.
If you are using an Emulator for phone OTP verification, it won't work since it does not have a sim. So try installing it on your mobile(with sim).
Enable app verification step is followed properly. and Android Device Verification is ENABLED.
Make sure the correct project is selected from drop-down while enabling Android Device Verification.
BOTH SHA-1 and SHA-256 fingerprints to be added in the Firebase project.
After doing all the stuff, Please make sure you are using the latest/updated google-services.json file.

Solution 3

If you are using a Emulator for phone OTP verification it won't work since it does not have a sim. So try installing it to your mobile(with sim) and check if the error persists.

Solution 4

In case of Linux Machine

Step 1: Go to Physical File Directory of your project in your file system

Step 2: Go to Your project> android>

Step 3: Press right click and open a new terminal in this directory

Step 4: Run command './gradlew signingReport'

Step 5: Copy your SHA-1 key or SHA-56 key

Step 6: Go to Firebase Console> Your project> Project Settings> Add Fingerpring

Step 7: Paste your SHA-1 key or SHA-56 key and save.

Now, you are good to go.

Thanks.

Solution 5

Ok i just figured out the issue.. If you are using Play Store app signing, then the SHA1 from you distributed app will be different from the one you are using locally. Make sure you add the SHA1 key from Play Console to your app in the Firebase Console.

View more solutions

85,777

Author by

ishandutta2007

Former Amazon, Former Microsoft Engineer For details, https://www.linkedin.com/in/ishandutta2007/

Updated on January 27, 2022

Comments

ishandutta2007 over 2 years

Firebase auth was working fine, the debug build suddenly started failing without any change of code, logging the folloing message

D/PhoneAuthActivity( 7392): signInWithCredential:failure:com.google.firebase.auth.FirebaseAuthException: This app is not authorized to use Firebase Authentication. Please verifythat the correct package name and SHA-1 are configured in the Firebase Console. [ App validation failed ].

The only notable action inbetween a successful login and failure is android studio upgrade.
Rumit Patel over 5 years

But this error is coming for signed apk. i have implemented firebase and ON authentication too. it's working for debug.keystore but it's not working for SHA generated from my keyStore. strange. any other having this issue?
Rumit Patel over 5 years

I have already done this. but I found totally strange solution. I'll post it later here.
gowithefloww over 5 years

Could you post it @RumitPatel? Experiencing the same problem.
Rumit Patel over 5 years

@gowithefloww , yes, kindly wait please. will post it tomorrow probably.
Rumit Patel over 5 years

@gowithefloww , kindly check answer, probably it'll be helpful for you next time. :-)
Ally Jr over 5 years

Tried multiple suggestions. This was the only one that works! +1
Prativa almost 5 years

This was the only one that ever made sense.
Hugo almost 5 years

Yes, I believe this is the big source of confusion in 2019. Some Firebase/React tutorial is telling you to get a SHA fingerprint from your release key, using the keytool, BUT actually you signed for "letting Google manage your app certificate" on the Play Console, so thats the thing you have to copy and paste on Firebase Console.
Jean Eric over 4 years

This is the best answer
Dewsworld over 4 years

For myself, I had to paste the actual SHA1 from android studio
Rowan Gontier over 4 years

Also, the google-services.json file needs to be downloaded again, and added to app, after submitting to app store. Then re-upload to google play store.
Pete Alvin over 4 years

What do you mean "re-upload to google play store?" Upload what?
TLee over 4 years

You saved my daySSS
DragonFire over 4 years

This works perfectly without having to compile the app again, it works straight from console settings of play store and firebase....
tenTen over 4 years

I was not able to sync also with the project
Stanislau Buzunko about 4 years

@PeteAlvin i guess he meant to download google-services.json file after adding SHA1 from Play Store app signing
Khaled Alhayek about 4 years

This help even after publishing the app to the store
Maulik Santoki about 4 years

This will take the time or direct update. I perform the above steps but getting the same error
Shiva Yadav about 4 years

101% solution of the problem
Zhangir Siranov about 4 years

if you're in android directory, it's just gradlew signingReport not ./gradlew signingReport
Rumit Patel almost 4 years

@MaulikSantoki It should not take more then hour.
ravish.hacker almost 4 years

How did you figure this one out?
rakshit ks almost 4 years

I had tried it on the emulator but it was not working.Then i thought the problem is with the virtual mobile and so installed it on the real mobile it worked.
Vishal Singh almost 4 years

Thanks a lot. This was the best answer
ymerdrengene almost 4 years

Also be aware if it's your debug keytool to be used.
Khan Sharukh over 3 years

For more info - App signing has changed to App integrity in New Play Console. This answer is better for me. It doesn't include publishing the app again and wait for review.
Vishva Vijay over 3 years

Exact solution, I was having same problem, solved using SHA256 to firebase.
Mark Lapasa about 3 years

How do you access the SHA-1 in Google Play Console?
Mark Lapasa about 3 years

nvm - it's Google Play Console -> Select App -> Setup -> App Integrity -> App signing key certificate -> SHA-1
Rumit Patel about 3 years

@KishanSolanki I also had this issue, but in my case, I was trying on Emulator. It was working fine on a real device.
Kishan Solanki about 3 years

@RumitPatel I know brother that we should test it on a real device. Leave real device, I am testing it in the live version of the application (not in debug) and still not working. It seems an old answer. If you try this now (today), it won't work.
Rumit Patel about 3 years

@KishanSolanki This is not an old answer, Just need to update it with some additional info. Actually, A step is added called Enable app verification.. Another thing is to add Sha-256 on Firebase console. and it's done. let me know if still issue persists, I would happy to help. :-)
Kishan Solanki about 3 years

@RumitPatel you know what, I have already added that also. But after that, I am facing a new problem. I did also asked the question over StackOverflow, here is the link stackoverflow.com/q/66757620/8874958 , Check if you can help.
wamfous about 3 years

Thanks. Adding the SHA-256 fingerprint (to the existing SHA-1) was enough for me
guneetgstar about 3 years

Please update the answer that this step is mandatory if you have opted for Google Managed App Signing Key otherwise you can get the Sign details using signingReport gradle task and add the SHAs to firebase or even using apksigner -verify --print-certs <path/to/apk>
Rumit Patel about 3 years

@guneetgstar, correct. But most of the projects on google-play opted for App Signing Key
guneetgstar about 3 years

Most but not all. As I told keys can be extracted in other ways so someone might still end up adding the wrong key if he doesn't know if the app he is publishing has already opted for the Google App Signing key
Watanabe.N about 3 years

Can anybody explain the difference between Play Store SHA and key tool SHA? Very confusing which to go
Nathany Attipoe almost 3 years

spent days rummaging around GCP before i stumbled across your answer. All i had to do was scroll down sigh. Thanks @Roach
Roach almost 3 years

Glad I could help @NathanyAttipoe
Emad almost 3 years

@ishandutta2007 should mark this as the right answer!
waseem almost 3 years

This worked for me. even I generated SHA1 and SHA-256 for signed APK from android studio and added to firebase but didn't work. Then I followed this solution and worked!!!!!
4 Leave Cover over 2 years

During development, did anyone tried using emulator to view the console but the phone number entered was actually sent to a real device? Of course the Emulator doesn't have a sim but the phone number entered is a valid one. Which means I am using an emulator device and a real device at the same time.
Fahad over 2 years

Thanks a lot, somehow we missed it, this answer saved our day.
Fahad over 2 years

We are using flutter, so we are getting below error, any advise? Could not find the Android Application module. Only Android Application Modules can be connected to Firebase online projects. Create a new Android Application Module or create/import a different Android Studio project
Martin Braun over 2 years

I have a major problem regarding this solution. On my devices this worked like charm, I signed up for testing of my app to get my app from the app store. However, my customer (who gets the app in the same way like me) is complaining about getting this error. We had this error before, then I did this. It was fixed for me, but it was not for any of my customers. What could be the root cause of this, please?
Rumit Patel over 2 years

@MartinBraun , I faced the same issue couple of times. I don't know the root cause but I removed all the SHA-1 and SHA-256 and re-inserted them and it worked. And yes, please make sure you are using the latest google-services.json file. try to update it too. Note: Please update the google-services.json file after re-inserting SHA-1 and SHA-256 entries.
Martin Braun over 2 years

@RumitPatel Thanks a lot. I think I really messed up with the google-services.json. I did exactly what you told me and now it works.
Teckchun over 2 years

Thanks. This solution is well explained and actually works!
Rabbi Shuki Gur over 2 years

Using debug mode on a real device, I tried all the steps in the answer (add the fingerprint from play console and debug), but I am still getting an error: Error: [auth/app-not-authorized] This app is not authorized to use Firebase Authentication. Please verify that the correct package name and SHA-1 are configured in the Firebase Console. [ A safety_net_token was passed, but no matching SHA-256 was registered in the Firebase console. Please make sure that this application’s packageName/SHA256 pair is registered in the Firebase Console. ]
Rumit Patel over 2 years

@RabbiShukiGur, For debug build, you don't need to follow all these steps. you just need to get SHA1 fingerprints from Android Studio.
exilonX over 2 years

developers.google.com/android/guides/client-auth
Damandroid over 2 years

I believe the above steps are relevant if you are using playstore to download the app. If you are using flutter run --release from local machine, do playstore SHA keys still need updating? I am havig the same error but I am running the release version locally.
Lightwaxx about 2 years

This was the best answer. It actually works without having to update the app though it is expected that you will update your google-services.json file