'Google sign in failed com.google.android.gms.common.api.ApiException: 10:

So I'm Stuck on this frustrating issue. I am quite new to Google Auth on Firebase but I done everything the firebase docs instructed in how to integrate the Google SignIn Auth, yet I'm still receiving this weird Error in the console consisted of two parts:

12-03 11:07:40.090 2574-3478/com.google.android.gms E/TokenRequestor: You have wrong OAuth2 related configurations, please check. Detailed error: UNREGISTERED_ON_API_CONSOLE

and also

Google sign in failed com.google.android.gms.common.api.ApiException: 10:

Before Anyone attempts to point out similar questions that have previously been asked on stack overflow, Here's what I have done till now after seen all the available solutions and yet non has resolved the error

  • I have my SHA1 fingerprint for my project
  • I have my OAuth 2.0 client ID, both, the android client id and the web client and in the requestIdToken() I have put the web client id.
  • I did not publish my project's APK on google play store. which means I did not accidentally generate another SHA1 fingerprint.
  • I have followed step by step the Google Sign in Auth firebase docs.

here is my code snippet:

@Override
public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.activity_signup);
    ButterKnife.bind(this);

    String webClientId = getString(R.string.web_client_id);


    GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
            .requestEmail()
            .requestIdToken(webClientId)
            .build();

    mGoogleApiClient = new GoogleApiClient.Builder(this)
            .enableAutoManage(this /* FragmentActivity */, this /* OnConnectionFailedListener */)
            .addApi(Auth.GOOGLE_SIGN_IN_API, gso)
            .build();

    mGoogleSignInClient = GoogleSignIn.getClient(this, gso);


    GoogleSignInAccount account = GoogleSignIn.getLastSignedInAccount(this);


    googleLoginBtn.setOnClickListener(new View.OnClickListener() {
        @Override
        public void onClick(View view) {
            Intent signInIntent = mGoogleSignInClient.getSignInIntent();
            startActivityForResult(signInIntent, RC_SIGN_IN);
        }
    });

}



@Override
public void onActivityResult(int requestCode, int resultCode, Intent data) {
    super.onActivityResult(requestCode, resultCode, data);

    // Result returned from launching the Intent from GoogleSignInClient.getSignInIntent(...);
    if (requestCode == RC_SIGN_IN) {
        // The Task returned from this call is always completed, no need to attach
        // a listener.
        Task<GoogleSignInAccount> task = GoogleSignIn.getSignedInAccountFromIntent(data);

        try{

            GoogleSignInAccount account = task.getResult(ApiException.class);
            firebaseAuthWithGoogle(account);

        } catch (ApiException e) {
            // Google Sign In failed, update UI appropriately
            Log.w(TAG, "Google sign in failed", e);
            // [START_EXCLUDE]
            Toast.makeText(this, "Gooogle Auth failed", Toast.LENGTH_LONG);
            // [END_EXCLUDE]
        }

    }
}



private void firebaseAuthWithGoogle(GoogleSignInAccount acct) {
    Log.d(TAG, "firebaseAuthWithGoogle:" + acct.getId());
    // [START_EXCLUDE silent]
    //showProgressDialog();
    // [END_EXCLUDE]

    AuthCredential credential = GoogleAuthProvider.getCredential(acct.getIdToken(), null);
    mAuth.signInWithCredential(credential)
            .addOnCompleteListener(this, new OnCompleteListener<AuthResult>() {
                @Override
                public void onComplete(@NonNull Task<AuthResult> task) {
                    if (task.isSuccessful()) {
                        // Sign in success, update UI with the signed-in user's information
                        Log.d(TAG, "signInWithCredential:success");
                        FirebaseUser user = mAuth.getCurrentUser();
                        Toast.makeText(LoginActivity.this, "Successful Auth", Toast.LENGTH_LONG).show();
                    } else {
                        // If sign in fails, display a message to the user.
                        Log.w(TAG, "signInWithCredential:failure", task.getException());
                        Toast.makeText(LoginActivity.this, "Authentication failed.",
                                Toast.LENGTH_SHORT).show();
                        //updateUI(null);
                    }

                    // [START_EXCLUDE]
                    //hideProgressDialog();
                    // [END_EXCLUDE]
                }
            });
}


Solution 1:[1]

Basically problem is in the SHA1 key put on console please regenerate it and put again properly same project.

1)As the answers, make sure that your actual signed Android apk has the same SHA1 fingerprint as what you specified in the console of your Firebase project's Android integration section (the page where you can download the google-services.json)

For more info, see: Generate SHA-1 for Flutter app

2)On top of that go to the Settings of your firebase project (gear icon right to the Overview at the top-left area. Then switch to Account Linking tab. On that tab link the Google Play to your project.

EDIT: Account Linking tab doesn't exist any more, instead :

  1. Sign in to Firebase.
  2. Click the Settings icon, then select Project settings.
  3. Click the Integrations tab.
  4. On the Google Play card, click Link.

enter image description here

Solution 2:[2]

When using App Signing by Google Play and Firebase, you need to add the SHA-1 fingerprint of the App signing certificate (found on Google Play Console/ Release Management/ App signing certificate) to the Firebase Console/ Settings/ SHA certificate fingerprints

Updated location for the SHAs: Google Play Console > Release > Setup > App integrity

Solution 3:[3]

In My case, There is no problem with SHA-1

I have done GoogleAuth using Firebase.

I forgot to add implementation 'com.firebaseui:firebase-ui-auth:4.3.1'

And I put my own key instead of R.string.default_web_client_id, So that was the problem. I added above dependency and replace R.string.default_web_client_id with my own key.

GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                .requestIdToken(getString(R.string.default_web_client_id))
                .requestEmail()
                .build();

UPDATE : 18-Dec-2020

We can also use without requestIdToken like below. For this you must have to add your SHA1 to google console.

GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                .requestEmail()
                .build();

Solution 4:[4]

I was facing the same issue, After checking around for a solution, from regenerating the finger print to linking the app on firebase to the Google play console and publishing the signed apk, the issue was actually because I was using the release SHA-1 on the firebase console.

  • If you are still on debug mode, use the debug.keystore SHA1
  • Only use the release SHA1 if you are on production mode

https://developer.android.com/studio/publish/app-signing.html

Solution 5:[5]

My solution was a little different,

After hours of trying various things. I found my solution:

Using the steps listed here: https://stackoverflow.com/a/34223470/10575896

  1. Open Android Studio
  2. Open your Project
  3. Click on Gradle (From Right Side Panel, you will see Gradle Bar)
  4. Click on Refresh (Click on Refresh from Gradle Bar, you will see List Gradle scripts of your Project)
  5. Click on Your Project (Your Project Name form List (root))
  6. Click on Tasks
  7. Click on Android
  8. Double Click on signingReport (You will get SHA1 and MD5 in Run Bar(Sometimes it will be in Gradle Console))

The console will print out the SHA keys for both debug and release. I had added the debug keys to firebase sometime in the past, but I had not added the release keys.

I simply added the SHA1 and SHA256 keys to firebase, and I was good to go.

Solution 6:[6]

If you have all configuration valid in firebase like SHA-1 and you have imported right google-services.json file still you are getting error then add the support email in firebase console

You have to add support email in fire base console Go to Project-> Setting -> General -> Public setting add Support Email

Solution 7:[7]

i was dealing with this problem for 2 days ! the problem was the clientId i used, was android type while i had to use web Aplication type Clientid . please consider this if you have the same problem ;)

Solution 8:[8]

I had problems with each answer, so here is the solution that worked for me:

First, add Firebase to your project:

Go to Firebase web site -> Add Project -> Once when you create new project go to Add App and add your Android app

Take care to add the exact package name and debug SHA-1 key.

You can generate debug SHA-1 key doing the following in Android Studio:

On the right side open Gradle panel -> go to Tasks -> android -> run signingReport

Your SHA-1 key will be shown in Run window

Once when you register the app, download the config file. In the config .json file you can find your client_id : client -> oauth_client -> client_id

Take care there are two client_ids. The one with "client_type": 3 worked for me with the following code:

private fun requestSignIn(context: Context) {

    GoogleSignIn.getLastSignedInAccount(context)?.also { account ->
        onSignedIn(account)
        return
    }

    val signInOptions = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
        .requestScopes(Scope("https://www.googleapis.com/auth/spreadsheets"))
        .requestEmail()
        .requestIdToken("client_id_goes_here")
        .build()
    val client = GoogleSignIn.getClient(context, signInOptions)

    startActivityForResult(client.signInIntent, REQUEST_SIGN_IN)
}

Then in the onActivityResult:

override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
    super.onActivityResult(requestCode, resultCode, data)

    if (requestCode == REQUEST_SIGN_IN) {
         if( resultCode == RESULT_OK) {
            GoogleSignIn.getSignedInAccountFromIntent(data)
                .addOnSuccessListener { account ->
                    onSignedIn(account)
                }
                .addOnFailureListener { e ->
                    Log.d("Fail", "Fail")
                }
          }
    }
}

In onSignedIn you should do the google sheet api call

Solution 9:[9]

  1. Make you use .requestIdToken(getString(R.string.default_web_client_id)) when you Build GoogleSignInOptions:
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                .requestIdToken(getString(R.string.default_web_client_id))
                .requestEmail()
                .build();
  1. Add your debug.keystore's SHA1 and SHA256 fingerprint to your Firebase project with the following steps:
  2. Obtain the debug.keystore's fingerprints: Linux/Mac - keytool -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore, Windows - keytool -list -v -alias androiddebugkey -keystore %USERPROFILE%\.android\debug.keystore
  3. Add these fingerprint's to your Firebases project's Android app section: https://support.google.com/firebase/answer/9137403?hl=en

Solution 10:[10]

Yo guys, make sure that you have installed google play services in android studio SDK Manager. After I did it, rebuild unity project — all works fine. enter image description here

Solution 11:[11]

I am not sure if this is the cause, but we might need to use the Web Client ID in the Android App before publishing it, read the following article,

https://android-developers.googleblog.com/2016/03/registering-oauth-clients-for-google.html

Solution 12:[12]

After adding the SHA1 and SHA256 app signing certificates it still didn't work. Once I added the SHA1 App upload certificate it worked :)

Solution 13:[13]

After adding the SHA1 and SHA256 app signing certificates it works.

Solution 14:[14]

In my case to work on the emulator, I followed the steps https://stackoverflow.com/a/46767856/6800637, and in addition to putting in https://console.firebase.google.com projectName/ settings / general, my signature key sha1 and sha256 I also put the key sha1 from [debug.keystore] which is shown when you follow the steps mentioned above

Solution 15:[15]

This status code means that you are providing unknown server client id.

So I was able to resolve this issue by changing the OAuth Client ID at Android client:

googleSignInOptions = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
            .requestIdToken("web application client id")
            .requestEmail()
            .build()

In https://console.developers.google.com/apis/credentials in your project you might need to generate: OAuth client ID -> Web Application and use this web application client id in your Android app.

enter image description here

Solution 16:[16]

I had this problem recently when trying to use google sign in using Firebase. I could fix it by updating requestIdToken in GoogleSignInOptions to the one provided as client_id in google-services.json file.

Solution 17:[17]

These are all great answers, in case anyone else is trying to have multiple firebase projects for one app, i.e. development and production the trick is when you want to test production, you'll need to upload the APK to Google Play if you use Google Play to manage the signing of your app. I used the internal testing track, and then it started working.

You cannot just install the APK on your device with your debug keys, because it does not match the production keys in Firebase.

Another side note - as others have mentioned - for some reason you need to use the "web" OAuth client ID, NOT the Android OAuth client. This is a really confusing thing for Google to do.

Solution 18:[18]

Although, the tutorial and the configuration page suggests to get the package name from the manifest file, it seems it is checked against the "applicationId" in the "app/build.gradle" file.

There are two places to set the package name I've found so far:

app/src/main/AndroidManifest.xml

app/build.gradle android.defaultConfig.applicationId

In my case those two names were different. Earlier I had updated the package name in the first file but forgot to update in the build.gradle file.

Solution 19:[19]

If you are on flutter, take a look on where you initialized your GoogleSignIn, for me adding the clientId parameter worked on iOS but breaks android try that as well

Solution 20:[20]

If you are having multiple apps under same Project in Firebase, make sure you are in the correct (App)com.xxx.yyy, that matchup with your current project you are doing in Android Studio. Then change the sha1 in settings of Firebase under proper (App)com.xxx.yyy and download the Json accordingly past it at, In project level view apps->build->source.

Solution 21:[21]

This might come if you have not set the SHA-1/SHA-256 hashes for your project.

Solution 22:[22]

I double-checked everything on the firebase console, I have correctly added SHA keys also I was facing an error. After spending hours I found the error was due to not setting up OAuth Consent in Google Console. So if any once facing the same issue please check this step as well, that might be your help you out.

enter image description here

Solution 23:[23]

It's 2022 and I spent 7 hours debugging this! I am not a native Android developer so I didn't know what's what until now.

Here is how I made it to work.

1) Make sure you have different build numbers between dev and prod!

There are 3 different builds/app in the world that you are playing with:

  1. The one in Google Play Store that you can install. It has a build number associated with it, both in the Play Store and in the App -> tap and hold -> info.
  2. The one in Android Studio build that has release build flavor
  3. The one in Android Studio build that has debug build flavor

enter image description here

The debug one is the one you can attach the debugger (the bug icon!) and release is the one that you cannot.

Whatever you do, make sure these are different or you will pull your hair why it works here and not there!

Android: Tag > Build > Release > then immediately version bump

I am coming from a background that we tag and version right before the release. (e.g. backend) Here, if you do so, it messes everything up! So you should tag, then release, then version bump immediately!

Ideally, the Play store should be 1.1.7, the release one should be 1.1.8 (yes, one version ahead as it's the one you are going to publish), and the debug one should be 1.1.8-debug.

If you don't do so, and they are the same, Android OS is going to cache the packages/APKs. So even if you go and install the app from Play Store, it might use an Android Studio version that it has in cache, with its own certificate! (That took me 4 hours of not knowing why installing the same app from Play Store on two phones, yielded different behaviors -- one was using the cached APK from Android Studio USB builds.)

2) You need at least 4 different Oauth Client ID Keys from GCP!

At this point, you should be aware of the crazy system that you should create a "Web" OAuth Client ID for Android, and also a dummy Android one! See this.

Yes, you need one "Web" key, and one "Android" key to have the GoogleSignIn work. You should use the "Web" one almost everywhere (except for doing server-side token validation, where you verify the audience/issuer of the JWT). Regardless, without the unused dummy "Android" one, it's not gonna work.

However, the part that I didn't know was that you need 3 Android + 1 Web!

When you create an Android OAuth Client ID, it asks for a SHA-1.

enter image description here

And each of those 3 apps has its own certificates, a.k.a SHA-1s.

How to get 3 SHA-1s?

For 2 and 3 (release and debug of Android Studio) you can get them from gradle via this solution.

enter image description here

For the Play Store one, you have to go to Play Console > App Integrity > App Signing and get the "App signing" certificate from there. (The upload one should match your release one most likely.)

enter image description here

Now, go ahead and create these 3 Android Ouath Client Ids + 1 for Web and hopefully Google SignIn will work everywhere!

enter image description here

Solution 24:[24]

I have faced the same error and I solved it by fixing the value of WEB_CLIENT_ID You can check the value at: Authentication -> Sign-in Method -> Provider (ex: Google) -> Web SDK Configuration -> Web Client ID