Firebase Auth | The Debug vs Release Signature Problem

tl;dr
1. Update Firebase console with SHA1 of your release keystore.
2. Re-download google-config.json file.
3. Place your release keystore in the same folder as your gradle file and update gradle with the code below.
4. Tadaa!

Authenticating a user can be frustratingly tricky at times. I use Firebase all the time to do all server related tasks - I used to create my own Python Flask server prior to this. You literally have to write no server side code, and it's all for free.

All steps at the Firebase Auth documentation are straightforward, except for the part that requires you to add the google-config.json with correctly configured SHA1 key. I got stuck at this one point, and I'm certain most developers will at the same place. It took me hours to do this the right way.

Here's what you do :
Firebase Auth requires SHA1 fingerprint of your release keystore.
Run the keytool command given in the docs.

keytool -exportcert -list -v -alias alias_name -keystore path/to/keystore/location

You are asked to enter your SHA1 fingerprint in the Firebase console - copy it from the output from the above command. Now re-download your google-config.json file and replace the old one. Remember to do this. I wasted an hour before realizing I forgot to replace my old config file.

Now, here's the tricky part. While debugging by hitting the play button in Studio, the app uses debug.keystore, located in the hidden .android/ folder of your home directory. So even though your Firebase console is configured properly, your app isn't being signed with the correct keystore! So, when you try to check if your code is correct, it won't authenticate irrespective, because the two SHA1's don't match.
You can check the SHA1 fingerprint your app is signed with using this Youtube video.
Check the SHA1 fingerprint and the location of the keystore. It's certainly signing your app with the debug keystore, which doesn't match the one you configured in the Firebase console!

So here's what you do. Change the signingConfigs in the gradle file. This will make sure your app is signed with release keystore even while debugging. (View SO answer here.)

android {
    ...
    signingConfigs {
        debug {
            storeFile file("release.keystore")
            storePassword "******"
            keyAlias "******"
            keyPassword "******"
        }
    }
    buildTypes {
        release {
            signingConfig signingConfigs.release
        }
    }
}

Place your keystore in the folder your google-services.json is located. If your app is open sourced/on github, you definitely don't want your password out to the world to use. Check out the other answers in the SO answer above - make another config file that stores your credentials and is referenced by your build gradle, and add this config file to the list of .gitignore.

Remember to remove the above lines from your gradle file, as it contains your precious keystore credentials. Also remove your keystore file from your app's directory while releasing it to the play store. Don't forget!
My Github issue on Firebase's Friendly chat demonstration app. These guys are great. :)

Hope this helps!

Comments

  1. Thanks a lot. You helped me in tons.

    ReplyDelete
  2. "signingConfig signingConfigs.release" replace release with debug as you have debug name container in signingConfigs part.

    ReplyDelete
  3. A million of thanks for publish this helpful content!!! I was turning crazy with this problem in my app...

    ReplyDelete
  4. Thanks a lot saved my night :)

    ReplyDelete

Post a Comment

Popular posts from this blog

The Hardest Thing To Do

Notes from the Zurich AI Conference 2025

Shake It Up | Time to leave BigTech