errorMsg: "invalid_client", authErrorDescription: "App certificate does not match configurations."

[sunny635533]

When some user jumps to tiktok app to authorize login, tiktok's auth sdk returns the following error, causing the user to fail to authorize login. Here is the following error:

"errorCode:10033,errorMsg:invalid_client, authErrorDescription:App certificate does not match configurations."
or
"errorCode:-2,errorMsg:invalid_client, authErrorDescription:App certificate does not match configurations."

I dont konw why it happened the error "invalid_client". I Found on tiktok developer documentation web page：

I followed the tiktok official tutorial to integrate these two sdk, The relevant codes are as follows:

//First, add the sdk
implementation 'com.tiktok.open.sdk:tiktok-open-sdk-core:2.0.3'
implementation 'com.tiktok.open.sdk:tiktok-open-sdk-auth:2.0.3'

//Second, 
if (authApi == null) {
            authApi = new AuthApi(getCurrentActivity());
        }
String codeVerifier = PKCEUtils.INSTANCE.generateCodeVerifier();
        SharepreUtil.setValue(getReactApplicationContext(), SharepreUtil.KEY_CODE_VERIFIER, codeVerifier);
        AuthRequest request = new AuthRequest(BuildConfig.CLIENT_KEY,,
                scope,
                BuildConfig.REDIRECT_URL,
                codeVerifier,
                state,
                null);
        authApi.authorize(request, AuthApi.AuthMethod.TikTokApp);//AuthApi.AuthMethod.ChromeTab

//Third,
private void handleAuthResponse(Intent intent) {
        if (authApi == null) return;

        String codeVerifier = SharepreUtil.getValue(getReactApplicationContext(), SharepreUtil.KEY_CODE_VERIFIER).toString();
        AuthResponse authResponse = authApi.getAuthResponseFromIntent(intent, BuildConfig.REDIRECT_URL);
        if (authResponse == null) {
            if (loginPromise != null) {
                loginPromise.reject("-1", "authResponse is null");
            }
            return;
        }
        WritableMap writableMap = new WritableNativeMap();
        writableMap.putInt("errorCode", authResponse.getErrorCode());
        writableMap.putString("errorMsg", authResponse.getErrorMsg());
        writableMap.putString("authCode", authResponse.getAuthCode());
        writableMap.putString("grantedPermissions", authResponse.getGrantedPermissions());
        writableMap.putString("state", authResponse.getState());
        writableMap.putString("codeVerifier", codeVerifier);
        writableMap.putString("redirectUri", BuildConfig.REDIRECT_URL);
        if (loginPromise != null) {
            if (authResponse != null && (authResponse.getErrorCode() == 0)) {//授权成功
                loginPromise.resolve(writableMap);
            } else {
                Integer errorCode = -1;
                String errorMsg = "Intent Error";
                String authErrorDescription = "";
                if (authResponse != null) {
                    errorCode = authResponse.getErrorCode();
                    errorMsg = authResponse.getErrorMsg();
                    authErrorDescription = authResponse.getAuthErrorDescription();
                }
                loginPromise.reject("-1", "errorCode:" + errorCode + ",errorMsg:" + errorMsg + ",authErrorDescription:" + authErrorDescription);
            }
        }
    }

This error involves mobile phone devices as follows: （the format is "phone's brand model system version）

OPPO _ CPH2269 _ 11
OPPO_CPH2239_11
Redmi_21121119SG_12
Redmi_M2003J15SC_12
realme_RMX3521_13
realme_RMX3830_13
vivo_vivo 1901_11
vivo_V2109_13
samsung_SM-M336B_13
POCO_M2102J20SG_12
Infinix_Infinix X6811_11
....

[sunny635533]

@haifano ,I'm sorry to tag you, but this problem occurs too often in our online app.Would you guys take a look at it sometime? Thank you very much!

[Syedovaiss]

@youngKimTikTok I just upgraded to the latest version and getting same error i.e. invalid_client Both versions are not working for me

• 2.0.3
• 2.2.0

[Syedovaiss]

@haifano @youngKimTikTok I just debugged the source code and it's returning this

AuthResponse( authCode = "", state = null, grantedPermissions = "", errorCode = errorCode, errorMsg = errorMsgStr, extras = extras, authError = authError, authErrorDescription = authErrorDescription )

[youngKimTikTok]

This error occurs when the listed app signature differs from the current app's signature. Please check the app's signatures on the TikTok Developers website and the ones you built in the app.

[sunny635533]

@youngKimTikTok Here are all my certificates. Release is the online certificate I use when I package an online app and publish it to Google Play..

Is there anything wrong with these certificates? Not all users will fail to authorize login, but some users will have this certificate problem. So it shouldn’t be a problem with the certificate I registered on tiktok?？

[Syedovaiss]

@youngKimTikTok I rechecked my certificates and all are correct along with those certificates which are mentioned on Google Play Console of my app

[sunny635533]

Probably because I forgot to register the certificate after the app was packaged by google play. After I registered the certificate(which is google play used), the user who had this problem online was not found at present.

[sunny635533]

Probably because I forgot to register the certificate after the app was packaged by google play. After I registered the certificate(which is google play used), the user who had this problem online was not found at present.

[tergel93]

Also encountered this problem. Previously I was using "com.bytedance.ies.ugc.aweme:opensdk-oversea-external:0.2.1.0", and everything was working fine. After I upgraded to 2.2.0, the share function has malfunctioned.

[tergel93]

Also encountered this problem. Previously I was using "com.bytedance.ies.ugc.aweme:opensdk-oversea-external:0.2.1.0", and everything was working fine. After I upgraded to 2.2.0, the share function has malfunctioned.

After I updated the certificate fingerprint, the issue was resolved.