49

I developed a app with Flutter and tested on my device using the command: 

flutter run --release

and everything worked fine. I also tried building the app with:

flutter build apk --release

and installing it manually, and still everything was ok.
I uploaded on the store, and now the login doesn't work anymore. I tried looking at the logcat and the error i get when i try to login is:

I/flutter: exception: PlatformException(sign_in_failed, com.google.android.gms.common.api.ApiException: 12500: , null)

I tried adding the appCompat dependency and I checked the the SHA1 keys, everything is in the right place, I can't figure out why when I download if from the store it doesn't work anymore.

Andrea Grippi
  • 1,339
  • 4
  • 15
  • 27

9 Answers9

105

You likely have to register your Play Store app signing key with API providers (in this case Firebase).

  1. In your Google Play Console, visit Setup > App signing

  2. Copy SHA-1 certificate fingerprint

    Copy SHA-1 from Google Play App signing key certificate

  3. In your Firebase Console, visit Settings > Project settings

  4. Click Add fingerprint

    Add fingerprint in Firebase console

  5. Paste copied SHA-1 certificate fingerprint into Certificate fingerprint textfield

  6. Click Save

    Paste SHA-1 certificate & save

Jon Saw
  • 7,599
  • 6
  • 48
  • 57
32

Your app probably does not have the correct Google credentials for the Token API.

When you first signed up on the Google Play Console, you probably opted into Google's app signing service. What this does is, after you sign your app with your keystore and upload it to the Play Console, Google will actually sign your app with a generated keystore and roll that version out. You can access the keys with which the release version is signed from the console, under Release Management -> App signing -> App signing certificate.

Once you locate the certificate, you need to use the SHA1 key, and generate a new Android Oauth Credential, and then add that to your google-services.json. If you are not using Firebase, you will have to add the Oauth credential to your backend as well.

If you look at HarshitG's answer on this Android thread concerning the same issue, you can see a picture of where you can get the certificate information on the Play Console.

google signIn not working in release mode apk android

Alec
  • 329
  • 3
  • 3
13

go to your google play console , in the release management you'll find app signing, under that there are two Sha keys ,coppy them without the sha part to the firebas projects SHA certificate fingerprints apk will work after that.

CHANDUKA SAMARASINGHE.
  • 365
  • 3
  • 11
7

Before mindlessly running commands n stuff lets get some concepts straight!!

Your app needs to get signed by a signing certificate / keystore (that .jks file) to create a release build. Release builds are created in either Debug mode or Release mode (We'll learn about this futher on)

There are 3 types of these keystore files that you will come across:-

  1. Debug keystore generated by using ./gradlew signingReport (The debug keys is available by default when you create a flutter project)

  2. Upload keystore generated by following these instructions (This is useful to create "release builds". So use this instead of debug keys)

  3. Deployment keystore/Play Signing keystore which is automatically generated by Play Console when you first try to upload a app bundle there. (You can find it at Setup > App integrity > App signing). This keystore stays with Google. You do not have access to its .jks file. So its safe and wont get lost.

Now, I would say, if you wish to get your app on Play Store, DO NOT generate Debug keystore. Generate and ALWAYS use your Upload keystore only.

Why is this important?

  • Debug keystore are just able to sign your apps in Debug mode (not Release mode).

    Even if you try to use flutter build appbundle with --release flag, you are gonna get a app-release.aab which is signed in Debug mode! You can never publish an app signed in Debug mode in Play Store.

  • Upload keystore can sign your app in Release mode which can be published on Play Store.
  • Therefore, if you intend to publish your app in future, generate upload keystore by following these instructions and make changes to you gradle files accordingly. Do not generate that debug keystore cuz you wont need it.

This explanation should make you understand that why some answers are wrong which recommend to get a Debug keystore

Now the proper answer to the above question.

Certain Google Play services (such as Google Sign-in and App Invites) require you to provide the SHA-1 of your signing certificate

So if you are signing you app with upload keystore, add the SHA-1 fingerprint of your upload keystore in Firebase Console > Settings Icon > Project settings > Add fingerprintadd SHA-1 fingerprints

  • You can get the SHA-1 of Upload keystore using keytool -v -list -keystore /path/to/upload-keystore.jks

  • Also, you can get the SHA-1 of Upload keystore and Deployment keystore on Play Console at Setup > App integrity > App signing

Which SHA-1 should I add? There are two SHA-1 at Play Console.

You have to add both SHA-1 fingerprints to firebase.

Why?

  • For publish reviews you always have to submit your app signed with your Upload keystore. Play Console will accept your app update submission signed with that same Upload keystore only (So keep the Upload keystore safe). That's why, to make that Upload keystore signed App work properly you need to add SHA-1 of Upload keystore in Firebase.
  • After your publish review is Accepted, your app will be signed again using the Deployment keystore by Play Console (automatic), then it will be published on Play Store. So that's why to make that Deployment keystore signed App work properly you need to add SHA-1 of Deployment keystore in Firebase.
ashuvssut
  • 1,725
  • 9
  • 17
6

For those guys having such problem , They better have a look at the SHA certificate fingerprint assigned to their firebase account . Both release and debug SHA certificate fingerprint is required . To do this you can :

  1. navigate to the android folder in you project
  2. run this command ./gradlew signingReport
  3. find release SHA certificate fingerprint
  4. find debug SHA certificate fingerprint
  5. add them to the firebase account SHA certificate fingerprints
  6. redownload the google-services.json
  7. Add it to your app level folder Your done !
Mahesh Jamdade
  • 17,235
  • 8
  • 110
  • 131
Reza Aslejeddian
  • 271
  • 3
  • 5
0

For release, you need to be sure that two more SHA certificate fingerprints added to firebase apart from debug fingerprint. One can be retrieved via keytool (Upload key certificate) and the other one (App signing key certificate) can be copied from play console (App integrity section as described in above answers)

Utku A.
  • 738
  • 8
  • 8
0

I had that problem and I had solved it doing this:

Add the command below in gradle.properties file:

org.gradle.java.home=C:\Program Files\\Java\\jdk-18.0.1.1.

In my case:

org.gradle.jvmargs=-Xmx1536M
android.useAndroidX=true
android.enableJetifier=true
org.gradle.java.home=C:\Program Files\\Java\\jdk-18.0.1.1

Then, in terminal, change the directory to android. (I use windows)

cd android

Finally, i wrote ./gradlew signingreport in terminal and i got SHA1 and SHA-256. Add then to firebase.

Luis Lobo
  • 211
  • 2
  • 2
0

Sometimes this issue occurs if you generate an APK file from another system or laptop.

Ram
  • 1
0

in your terminal, go to the path of your apk or aab file, then run this command:

keytool -printcert -jarfile app.apk

AAB file

keytool -printcert -jarfile app.aab

this will give you a SHA1 and SHA256 for your release builds, then go to the firebase project and add these two fingerprints. https://developers.google.com/android/guides/client-auth

Hamza Nasser
  • 1
  • 2