Android gives 'ERROR: DEVELOPER_ERROR' when signing in

[jimmirbn]

When signing in using await GoogleSignin.signIn(); It opens the dialog, I sign in but gives the 'ERROR: DEVELOPER_ERROR'

Steps to Reproduce

• Install react-native-google-signin and follow the setup guide for Android
• Import react-native-google-signin and make a function that calls await GoogleSignin.signIn()
• Sign in with your google account
• When the dialog closes the error occurs

Expected Behavior

• Opens dialog
• Signs in
• Returns userInfo, id and accesstoken

Actual Behavior

• Throws an error saying 'ERROR: DEVELOPER_ERROR'

Environment

• react-native: 0.60.4
• react-native-google-signin: 2.0.0
• play-services-auth: 15.0.1
• SDK version: 25
• Build gradle: 3.4.2
• Tried two newest versions of android, Q & Pie

[Mihir22c]

Is there any proper solution to this error? cause of all the steps I have followed.

[laksithakumara-cb]

I followed all steps. still im getting this error without reason.

[koaladlt]

So, finally, I found a solution for this. My package. name in firebase and in the app were different, I had to delete and create again the app on Firebase, and now is working like a charm!

[SebinLee]

@victorbruce You've saved my time! Thanks a lot

[victorbruce]

@victorbruce You've saved my time! Thanks a lot

Glad I did 😊 👍

[gamingumar]

I am getting this error in play store and not in debug mode. I have also copied SHA to firebase console :(

[mitesh-db]

Hey @gamingumar, Make sure you add SHA which is generated by the keystore you have used to upload the apk. Also make sure your app bundle name on firebase is same as you are using it in your project.

[gamingumar]

@mitjnextt I resolved this issue, it was caused by wrong SHA. The reason was the confusion between firebase and google cloud project. They were 2 different projects in google cloud. I found out that firebase creates google cloud project by default.

[nizar-banna]

I am getting this error in play store and not in debug mode. I have also copied SHA to firebase console :(

+1

[goodhyun]

sometimes unprepared app/build.gradle could be the culprit.

signingConfigs {
        release {
            storeFile file("android-.jks")
            storePassword pass
            keyAlias "~~~"
            keyPassword pass
        }
        debug {
            storeFile file("android-.jks")
            storePassword pass
            keyAlias "~~~"
            keyPassword pass
        }
        // debug {
        //     storeFile file('debug.keystore')
        //     storePassword 'android'
        //     keyAlias 'androiddebugkey'
        //     keyPassword 'android'
        // }
    }

[martsaarmets]

I'm using Firebase. The solution for me was to copy the google-services.json file also under the subfolders for different variants. So I have this file in app/google-services.json and additionally app/src/dev/google-services.json, app/src/test/google-services.json, app/src/production/google-services.json etc. At first I thought that it's enough to have the file in the app folder like stated here but looks like this will not work by default.

Also, be sure which key is being used to sign your dev/test app and add your debug key SHA1 to the Firebase console. Use the signingReport task in Android Studio -> Gradle menu to double-check. Or unzip your .apk and check the cert fingerprint in the META-INF directory.

[sorold]

@SanjanaTailor did you find any solution?

I fixed it by making sure the sha1 key in my firebase android project is the correct one. I did that performing the following:

• Inside of my project folder, I cd into android and run ./gradlew signingReport'
• Copy the sha1 key under > Task :app:signingReport with the property and value **Config: debug**, and **Variant: debugUnitTest**
• Paste it in your firebase android project by clicking on add finger print

Make sure you have copied the google-services.json file inside of your /android/app/ folder

I'm not using firebase and this worked for me! This SHA1 is different from the ones generated by the keytool with the debug.keystore files on user/.android and and myapp/android/app, neither of them were working. I just created a new credential on the same app in the google console, didn't even need to delete the credentials from the old debug.keystore. Thanks!

[CyrusZei]

PRO TIP:

Even if you think you have the correct webClientId just copy it from firebase and paste it in. Spent way to much time on debugging this

[ninjz]

For anyone banging their heads on this in the future. I had this issue in production after deploying my app to the Play Store. The problem happens because i'm using the managed app signing service so the Play Console actually manages the App Signing Keys and therefore your app would actually have a different signing key when deployed on the Play store..

To find that key you must go to the Play Developer Console under Setup > App Integrity > App Signing and find the SHA-1 certificate and enter that into your Firebase console.

[mdarifulislamroni521]

I solved it at fast create webClientId from google cloud console web Application Credential . then create Android Credential with your package name and SHA-1 certificate fingerprint * . then configure like bellow =>

GoogleSignin.configure({ webClientId: 'your web client id here ', offlineAccess: true, });

i hope it will work for all . Thanks

[anujjoshi63]

For me, it wasn't working until I provided offlineAccess:true GoogleSignin.configure({ webClientId: "...", offlineAccess: true });

[kranercc]

OFFICIAL SOLUTION IS THIS: Use command:

 keytool -list -v -alias androiddebugkey -keystore android/app/debug.keystore -storepass android -keypass android

Copy the SHA1 from the output Go to Firebase WEBSITE -> open project settings and look for where it says "fingerprint" or something about "Sha1" thats where you need to place it, if you cna't find that, create new project it will ask for it once you start a new project

[ducnv3]

Same

UPDATE: I was able to get it working by adding the debug key to the Firebase project. Was able to retrieve the debug SH1 key via keytool -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore -storepass android -keypass android

same my isssue, because SHA1 from here "keytool -list -v -alias aliasName -keystore app/keystore.jks -storepass passWordStore -keypass passWordKeyPass". in this case, we need to generate SHA1 from above command from keystore file. this is production deploy for privateKey. THanks u very much.

[kindacoder]

For anyone banging their heads on this in the future. I had this issue in production after deploying my app to the Play Store. The problem happens because i'm using the managed app signing service so the Play Console actually manages the App Signing Keys and therefore your app would actually have a different signing key when deployed on the Play store..

To find that key you must go to the Play Developer Console under Setup > App Integrity > App Signing and find the SHA-1 certificate and enter that into your Firebase console.

Yeah, the same issue I had. i was checking the release build and it was working fine but after pushing it to play store it was not working. But it's working now. Thanks

[Oleksiiithouse]

One more step to try (that was my case of DEVELOPER_ERROR) is to check if you definitely typed correctly your package name that locates at \android\app\src\main\AndroidManifest.xml in google cloud field for android project. Make sure that typed package name starts exactly with 'com.' prefix. It is very stupid but while fighting with it I always typed my project name without this prefix so this throwed an error.

[danieldt232]

In my case It worked in development, but when I tried to use Firebase App Distribution it threw DEVELOPER_ERROR.

Turns out that Firebase re-sign test bundles with a new sha-1 that you can find here:

These steps worked for me:

1. copy the sha-1 from "View certificates" window in Firebase App Distribution
2. Add the copied sha-1 to "project settings" > SHA certificate fingerprints
3. Download again the "google-services.json" (that now includes the new fingerprints) and replace the old one in your code
4. Build and release again

[huy-lv]

I have tried all above suggestion but nothing work at all :(

[CyrusZei]

1. Remove the app from the google play store
2. Generate an new APK to upload to google play
3. Voila, you will have the new SHA-1 that is on your app in the google play store.

On Sat, 24 Dec 2022 at 15:50, Lê Vũ Huy @.***> wrote:

I have tried all above suggestion but nothing work at all :(

— Reply to this email directly, view it on GitHub https://github.com/react-native-google-signin/google-signin/issues/706#issuecomment-1364540808, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABGR3T3P3KST6SRLQXET7NDWO4ESFANCNFSM4IMFTPEA . You are receiving this because you commented.Message ID: @.*** com>

-- With regards Cyrus_Zei [ Developer + Designer = Unicorn]

[huy-lv]

Found my problem: In my folder android/app there is a debug.keystore file, but I run keytool command to get SHA1 with ~/.android/debug.keystore file. Rerun with correct keystore file and everything will be fine. Hope this help someone :D

[CyrusZei]

Yes, there are two SHA-1 keys and you can enter this command and you can see the SHA-1 key

keytool -list -v -keystore ./android/app/debug.keystore -alias androiddebugkey -storepass android -keypass android

On Sun, 25 Dec 2022 at 06:12, Lê Vũ Huy @.***> wrote:

Found my problem: In my folder android/app there is a debug.keystore file, but I run keytool command to get SHA1 with ~/.android/debug.keystore file. Rerun with correct keystore file and everything will be fine.

— Reply to this email directly, view it on GitHub https://github.com/react-native-google-signin/google-signin/issues/706#issuecomment-1364627904, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABGR3T6VMLQASTGDQZG2NVTWO7JTLANCNFSM4IMFTPEA . You are receiving this because you commented.Message ID: @.*** com>

-- With regards Cyrus_Zei [ Developer + Designer = Unicorn]

[sergiycheck]

tricky steps for android

1. generate new debug.keystore

   sudo keytool -genkey -v -keystore my-upload-key.keystore \
   -storepass android -alias androiddebugkey -keypass android  \
   -keyalg RSA -keysize 2048 -validity 100000
   -dname "CN=serhii, OU=debug, O=private, L=home, ST=0, C=UA"

2. place new debug.keystore instead the old ones in the ./android/app folder
3. generate new sign in report cd android && ./gradlew signingReport
4. paste sha1 keys into the firebase console android project settings input sha1 fingerprints
5. download google-service.json
6. copy the value of client_id with client_type: 3 to the webClientId property.
7. build the android app Steps described helped me and I was able to sign in with google after many hours of struggling.

[apalm]

I spent more time than I'd care to admit on this, so writing down what I found, in the hope that it'll be helpful to someone.

• I'm not using Firebase
• I'm using Expo, and I'm using managed credentials
• My GoogleSignin.configure call:

GoogleSignin.configure({
  webClientId: YOUR_WEB_CLIENT_ID,
  offlineAccess: true,
});

What I found:

• google-services.json isn't needed. Don't include googleServicesFile in app.json/app.config.js.
• In Google Cloud Console, create 3 OAuth 2.0 Client IDs:

1. Application type="Web application". Pass this client ID to GoogleSignin.configure as webClientId.
2. Application type="Android". Make sure Package name is correct. Get SHA-1 certificate fingerprint by running keytool -list -v -alias androiddebugkey -keystore android/app/debug.keystore -storepass android -keypass android from the project root.
3. Application type="Android". Make sure Package name is correct. Get SHA-1 certificate fingerprint by running eas credentials from the project root. Select Android as the platform, then select your build profile.

[ayodeji334]

In addition to this, I changed the third one to the SHA-1 certificate fingerprint from the production keystore.

[sergioisidoro]

+1 - After a long time I realised that it HAS to be the SHA1, not the SHA256

[marcomelilli]

@apalm thank you! This is the final solution or those who are not using firebase and are using EAS managed credentials

[vlastami]

I spent more time than I'd care to admit on this, so writing down what I found, in the hope that it'll be helpful to someone.

* I'm not using Firebase

* I'm using Expo, and I'm using [managed credentials](https://docs.expo.dev/app-signing/managed-credentials/)

* My `GoogleSignin.configure` call:

GoogleSignin.configure({
  webClientId: YOUR_WEB_CLIENT_ID,
  offlineAccess: true,
});

What I found:

* `google-services.json` isn't needed. Don't include `googleServicesFile` in `app.json`/`app.config.js`.

* In [Google Cloud Console](https://console.cloud.google.com/apis/credentials), create 3 `OAuth 2.0 Client IDs`:

1. Application type="Web application". Pass this client ID to `GoogleSignin.configure` as `webClientId`.

2. Application type="Android". Make sure `Package name` is correct. Get `SHA-1 certificate fingerprint` by running `keytool -list -v -alias androiddebugkey -keystore android/app/debug.keystore -storepass android -keypass android` from the project root.

3. Application type="Android". Make sure `Package name` is correct. Get `SHA-1 certificate fingerprint` by running `eas credentials` from the project root. Select `Android` as the platform, then select your build profile.

Also, people, don't forget to update the google-service.json (download the new one if you updated the SHA-1 in the Firebase). 😄

[realadamsmith]

I spent more time than I'd care to admit on this, so writing down what I found, in the hope that it'll be helpful to someone.

• I'm not using Firebase
• I'm using Expo, and I'm using managed credentials
• My GoogleSignin.configure call:

GoogleSignin.configure({
  webClientId: YOUR_WEB_CLIENT_ID,
  offlineAccess: true,
});

What I found:

• google-services.json isn't needed. Don't include googleServicesFile in app.json/app.config.js.
• In Google Cloud Console, create 3 OAuth 2.0 Client IDs:

1. Application type="Web application". Pass this client ID to GoogleSignin.configure as webClientId.
2. Application type="Android". Make sure Package name is correct. Get SHA-1 certificate fingerprint by running keytool -list -v -alias androiddebugkey -keystore android/app/debug.keystore -storepass android -keypass android from the project root.
3. Application type="Android". Make sure Package name is correct. Get SHA-1 certificate fingerprint by running eas credentials from the project root. Select Android as the platform, then select your build profile.

It doesnt make sense to me that Web application client ID worked for logging in from my Samsung Gakaxy Android phone. I got the idToken, but serverAuthCode is still Null {..."https://www.googleapis.com/auth/youtube.readonly"], "serverAuthCode": null, "user": .....}

[robinderozario]

For those using eas-build with a development client, in my case, eas inserts different signing credentials during the build process. In other words, it is not using the SHA1 specified in the google-services.json file. To make the google signing work in development, I had to add the SHA-1 Certificate Fingerprint listed in the Expo.dev console, under "Project Settings" > "Credentials" > "Android Keystore", to my Firebase project (which also adds it to Google Cloud API). I personally can't remember ever uploading credentials to Expo, but it could be the case. If they're autogenerated, I can imagine a lot more developers must face the same issue which is why I'm sharing this.

[NorseGaud]

Non-firebase users that let Google sign their app: Under the Google Cloud Console > APIs & Services > Credentials > Client ID for Android, set your SHA-1 to the App signing key certificate found in the Play Store Console > Setup > App signing.

You'll know it works because Verify app ownership under the Client ID for Android page will say "Your app ownership has been verified".

[naguibihab]

I spent more time than I'd care to admit on this, so writing down what I found, in the hope that it'll be helpful to someone.

• I'm not using Firebase
• I'm using Expo, and I'm using managed credentials
• My GoogleSignin.configure call:

GoogleSignin.configure({
  webClientId: YOUR_WEB_CLIENT_ID,
  offlineAccess: true,
});

What I found:

• google-services.json isn't needed. Don't include googleServicesFile in app.json/app.config.js.
• In Google Cloud Console, create 3 OAuth 2.0 Client IDs:

1. Application type="Web application". Pass this client ID to GoogleSignin.configure as webClientId.
2. Application type="Android". Make sure Package name is correct. Get SHA-1 certificate fingerprint by running keytool -list -v -alias androiddebugkey -keystore android/app/debug.keystore -storepass android -keypass android from the project root.
3. Application type="Android". Make sure Package name is correct. Get SHA-1 certificate fingerprint by running eas credentials from the project root. Select Android as the platform, then select your build profile.

I am using an Expo managed project, so i don't have direct access to the android keystore in the same way that i would in a bare react native project (in other words I can't run keytool -list -v -alias androiddebugkey -keystore android/app/debug.keystore -storepass android -keypass android because I don't have an android folder) Is there another way I can get the SHA-1 certificate fingerprint @apalm ?

[No898]

I spent more time than I'd care to admit on this, so writing down what I found, in the hope that it'll be helpful to someone.

• I'm not using Firebase
• I'm using Expo, and I'm using managed credentials
• My GoogleSignin.configure call:

GoogleSignin.configure({
  webClientId: YOUR_WEB_CLIENT_ID,
  offlineAccess: true,
});

What I found:

• google-services.json isn't needed. Don't include googleServicesFile in app.json/app.config.js.
• In Google Cloud Console, create 3 OAuth 2.0 Client IDs:

1. Application type="Web application". Pass this client ID to GoogleSignin.configure as webClientId.
2. Application type="Android". Make sure Package name is correct. Get SHA-1 certificate fingerprint by running keytool -list -v -alias androiddebugkey -keystore android/app/debug.keystore -storepass android -keypass android from the project root.
3. Application type="Android". Make sure Package name is correct. Get SHA-1 certificate fingerprint by running eas credentials from the project root. Select Android as the platform, then select your build profile.

Thanks god, i couldnt find solution, because everywhere is written only Web Application and Androiod with SHA-1 from eas credentials OR SHA-1 from keystore, i spend whole night trying, but few minutes back i tried put there both SHA-1 and it works! THANK YOU!

// supabase non firebase google sign-in

[GNUGradyn]

wow. this error really needs to be less vague. I have the correct SHA1 from the keystore specified in my gradle script and the correct app ID. No dice. If this error actually described what the problem was in any way I could potentially fix it

[DedaDev]

I spent more time than I'd care to admit on this, so writing down what I found, in the hope that it'll be helpful to someone.

• I'm not using Firebase
• I'm using Expo, and I'm using managed credentials
• My GoogleSignin.configure call:

GoogleSignin.configure({
  webClientId: YOUR_WEB_CLIENT_ID,
  offlineAccess: true,
});

What I found:

• google-services.json isn't needed. Don't include googleServicesFile in app.json/app.config.js.
• In Google Cloud Console, create 3 OAuth 2.0 Client IDs:

1. Application type="Web application". Pass this client ID to GoogleSignin.configure as webClientId.
2. Application type="Android". Make sure Package name is correct. Get SHA-1 certificate fingerprint by running keytool -list -v -alias androiddebugkey -keystore android/app/debug.keystore -storepass android -keypass android from the project root.
3. Application type="Android". Make sure Package name is correct. Get SHA-1 certificate fingerprint by running eas credentials from the project root. Select Android as the platform, then select your build profile.

only this works for me, no firebase, only expo weird af

[Maetel23]

thanks @amitbravo you don't have the idea how much it stress me. Thank you so much for lending the tips. Now its working. Love lots po.

[bradydowling]

I'm still having trouble with this with Supabase and Expo. I added the SHA-1 from Expo but when I try to run:

keytool -list -v -alias androiddebugkey -keystore android/app/debug.keystore -storepass android -keypass android

I get:

keytool error: java.lang.Exception: Keystore file does not exist: android/app/debug.keystore
java.lang.Exception: Keystore file does not exist: android/app/debug.keystore
        at java.base/sun.security.tools.keytool.Main.doCommands(Main.java:923)
        at java.base/sun.security.tools.keytool.Main.run(Main.java:423)
        at java.base/sun.security.tools.keytool.Main.main(Main.java:416)

I thought I'd only need the Expo SHA-1. Anyone else know what's going on here? Either how to get the command to work or just troubleshooting steps to help me diagnose the real issue?

[danieltorres1109]

• google-services.json isn't needed. Don't include googleServicesFile in app.json/app.config.js.
• In Google Cloud Console, create 3 OAuth 2.0 Client IDs:

1. Application type="Web application". Pass this client ID to GoogleSignin.configure as webClientId.
2. Application type="Android". Make sure Package name is correct. Get SHA-1 certificate fingerprint by running keytool -list -v -alias androiddebugkey -keystore android/app/debug.keystore -storepass android -keypass android from the project root.
3. Application type="Android". Make sure Package name is correct. Get SHA-1 certificate fingerprint by running eas credentials from the project root. Select Android as the platform, then select your build profile.

It works for me

[RemyNtshaykolo]

Follow this video https://www.youtube.com/watch?v=vojHmGUGUGc

[rodrigomf24]

For anyone stumbling into this issue and you do not have an expo app and you are facing this issue with an app you submitted to the play store.

I had everything setup correctly (web client id + non debug signing key for production), but the missing change was registering an OAuth 2.0 Client ID credential in GCP with the signing key sha1 from the google play console.

Once you register the sha1 make sure to add the generated client id to the list of authorized client ids in the supabase google provider configuration.

[r3n4n07]

If anyone is experiencing the ERROR: DEVELOPER_ERROR, it could be because the SHA-1 in Firebase is already registered with another application. To resolve this issue, follow these steps:

1 - Delete the debug.keystore file.

2 - In the terminal, navigate to the Android app directory:

    cd android/app

3 - Generate a new keystore by running the following command:

    keytool -genkey -v -keystore debug.keystore -alias androiddebugkey -keyalg RSA -keysize 2048 -validity 10000

4 - Fill in the required information.

5 - After that, retrieve the new SHA-1 by running the following command:

   keytool -list -v -keystore debug.keystore -alias androiddebugkey -storepass [your-password] -keypass [your-password]

All commands are executed in the ./android/app path.

[samipshresthaq]

For anyone banging their heads on this in the future. I had this issue in production after deploying my app to the Play Store. The problem happens because i'm using the managed app signing service so the Play Console actually manages the App Signing Keys and therefore your app would actually have a different signing key when deployed on the Play store..

To find that key you must go to the Play Developer Console under Setup > App Integrity > App Signing and find the SHA-1 certificate and enter that into your Firebase console.

Yes this was the fix for the issue after releasing my app. Thank you

[vijal-patel]

adding my 2c.

Setup: expo, firebase, react-native-firebase

I was using the sha1 from the debug keystore instead of the sha1 from expo. To get it you need to run eas credentials