Develop Reference

Android Google Sign In DEVELOPER_ERROR 10

I am trying to add Google Sign In to my Android App. I have followed the instructions in the below link:
https://developers.google.com/identity/sign-in/android/start-integrating
I have dougle checked that all the pre-requisites are met: 1. I have API version 27, Google Play Services Version 49, Google Repository version 58. I also have created a keystore (JKS) for debug, and have the App signed (Android Studio: File --> Project Structure --> (modules) app -> then configured Signing, Flavors and Build types tabs using this keystore and the alias created. I have then created a Project in Google Cloud console, created OAuth Credential for Android and have configured the SHA1 fingerprint, and have made sure that the package name is as per the manifest file.
However, the below code always results in APIException (com.google.android.gms.common.api.ApiException: 10:, Status{statusCode=DEVELOPER_ERROR, resolution=null} ).
I have followed the code snippets as per the below link:https://developers.google.com/identity/sign-in/android/sign-in
private void handleSignInResult(Task<GoogleSignInAccount> completedTask) {
try {
GoogleSignInAccount account = completedTask.getResult(ApiException.class);
// Signed in successfully, show authenticated UI.
String k="";
} catch (ApiException e) {
// The ApiException status code indicates the detailed failure reason.
}
}
I then deleted the Android OAuth Credential in Google Cloud Console project, and then created a Web Application project and tried using the client id in my Android code, which also did not work. I got the same exception. What am I doing wrong here?
I also would like to know what is the use of the Client Secret (downloadable JSON file) showing up in my OAUth creadential in the Google cloud console project?
I also have read some articles in which it is mentioned about Google-services.json file which I have not added to my project because the Google developers documentation I have followed (mentioned above) does not mention such an activity. I also have not seen such a file in Google Cloud Console, inside my project's OAuth credentials. Am I missing something here?

You have added a debug SHA-1 key in firebase console
You need to add release SHA-1 key in firebase console
You can generate release SHA-1 key by following steps :
add signing config in gradle file
click on gradle option (located at right side of android studio)
click on :<AppName> -> android -> signingReport (double click it).
this will generate signing SHA-1 key and you can see it in Run option in android studio below tab.
Note:- There will be debug and release both SHA-1 keys will present in Run tab. You need to pick release SHA-1 key. (If you didn't find release SHA-1 key, double check that you have added release configs in app level build.gradle file).
Now you can see the release SHA-1 key in run tab

Issue with firebase-google authentication [duplicate]

So I'm Stuck on this frustrating issue.
I am quite new to Google Auth on Firebase but I done everything the firebase docs instructed in how to integrate the Google SignIn Auth, yet I'm still receiving this weird Error in the console consisted of two parts:
12-03 11:07:40.090 2574-3478/com.google.android.gms E/TokenRequestor: You have wrong OAuth2 related configurations, please check. Detailed error: UNREGISTERED_ON_API_CONSOLE
and also
Google sign in failed com.google.android.gms.common.api.ApiException: 10:
Before Anyone attempts to point out similar questions that have previously been asked on stack overflow, Here's what I have done till now after seen all the available solutions and yet non has resolved the error
I have my SHA1 fingerprint for my project
I have my OAuth 2.0 client ID, both, the android client id and the web client and in the requestIdToken() I have put the web client id.
I did not publish my project's APK on google play store. which means I did not accidentally generate another SHA1 fingerprint.
I have followed step by step the Google Sign in Auth firebase docs.
here is my code snippet:
#Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_signup);
ButterKnife.bind(this);
String webClientId = getString(R.string.web_client_id);
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestEmail()
.requestIdToken(webClientId)
.build();
mGoogleApiClient = new GoogleApiClient.Builder(this)
.enableAutoManage(this /* FragmentActivity */, this /* OnConnectionFailedListener */)
.addApi(Auth.GOOGLE_SIGN_IN_API, gso)
.build();
mGoogleSignInClient = GoogleSignIn.getClient(this, gso);
GoogleSignInAccount account = GoogleSignIn.getLastSignedInAccount(this);
googleLoginBtn.setOnClickListener(new View.OnClickListener() {
#Override
public void onClick(View view) {
Intent signInIntent = mGoogleSignInClient.getSignInIntent();
startActivityForResult(signInIntent, RC_SIGN_IN);
}
});
}
#Override
public void onActivityResult(int requestCode, int resultCode, Intent data) {
super.onActivityResult(requestCode, resultCode, data);
// Result returned from launching the Intent from GoogleSignInClient.getSignInIntent(...);
if (requestCode == RC_SIGN_IN) {
// The Task returned from this call is always completed, no need to attach
// a listener.
Task<GoogleSignInAccount> task = GoogleSignIn.getSignedInAccountFromIntent(data);
try{
GoogleSignInAccount account = task.getResult(ApiException.class);
firebaseAuthWithGoogle(account);
} catch (ApiException e) {
// Google Sign In failed, update UI appropriately
Log.w(TAG, "Google sign in failed", e);
// [START_EXCLUDE]
Toast.makeText(this, "Gooogle Auth failed", Toast.LENGTH_LONG);
// [END_EXCLUDE]
}
}
}
private void firebaseAuthWithGoogle(GoogleSignInAccount acct) {
Log.d(TAG, "firebaseAuthWithGoogle:" + acct.getId());
// [START_EXCLUDE silent]
//showProgressDialog();
// [END_EXCLUDE]
AuthCredential credential = GoogleAuthProvider.getCredential(acct.getIdToken(), null);
mAuth.signInWithCredential(credential)
.addOnCompleteListener(this, new OnCompleteListener<AuthResult>() {
#Override
public void onComplete(#NonNull Task<AuthResult> task) {
if (task.isSuccessful()) {
// Sign in success, update UI with the signed-in user's information
Log.d(TAG, "signInWithCredential:success");
FirebaseUser user = mAuth.getCurrentUser();
Toast.makeText(LoginActivity.this, "Successful Auth", Toast.LENGTH_LONG).show();
} else {
// If sign in fails, display a message to the user.
Log.w(TAG, "signInWithCredential:failure", task.getException());
Toast.makeText(LoginActivity.this, "Authentication failed.",
Toast.LENGTH_SHORT).show();
//updateUI(null);
}
// [START_EXCLUDE]
//hideProgressDialog();
// [END_EXCLUDE]
}
});
}

Basically problem is in the SHA1 key put on console please regenerate it and put again properly same project.
1)As the answers, make sure that your actual signed Android apk has the same SHA1 fingerprint as what you specified in the console of your Firebase project's Android integration section (the page where you can download the google-services.json)
For more info, see: Generate SHA-1 for Flutter app
2)On top of that go to the Settings of your firebase project (gear icon right to the Overview at the top-left area. Then switch to Account Linking tab. On that tab link the Google Play to your project.
EDIT:
Account Linking tab doesn't exist any more, instead :
Sign in to Firebase.
Click the Settings icon, then select Project settings.
Click the Integrations tab.
On the Google Play card, click Link.

When using App Signing by Google Play and Firebase, you need to add the SHA-1 fingerprint of the App signing certificate (found on Google Play Console/ Release Management/ App signing certificate) to the Firebase Console/ Settings/ SHA certificate fingerprints
Updated location for the SHAs: Google Play Console > Release > Setup > App integrity

In My case, There is no problem with SHA-1
I have done GoogleAuth using Firebase.
I forgot to add implementation 'com.firebaseui:firebase-ui-auth:4.3.1'
And I put my own key instead of R.string.default_web_client_id, So that was the problem. I added above dependency and replace R.string.default_web_client_id with my own key.
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestIdToken(getString(R.string.default_web_client_id))
.requestEmail()
.build();
UPDATE : 18-Dec-2020
We can also use without requestIdToken like below. For this you must have to add your SHA1 to google console.
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestEmail()
.build();

I was facing the same issue, After checking around for a solution, from regenerating the finger print to linking the app on firebase to the Google play console and publishing the signed apk, the issue was actually because I was using the release SHA-1 on the firebase console.
If you are still on debug mode, use the debug.keystore SHA1
Only use the release SHA1 if you are on production mode
https://developer.android.com/studio/publish/app-signing.html

My solution was a little different,
After hours of trying various things. I found my solution:
Using the steps listed here:
https://stackoverflow.com/a/34223470/10575896
Open Android Studio
Open your Project
Click on Gradle (From Right Side Panel, you will see Gradle Bar)
Click on Refresh (Click on Refresh from Gradle Bar, you will see List Gradle scripts of your Project)
Click on Your Project (Your Project Name form List (root))
Click on Tasks
Click on Android
Double Click on signingReport (You will get SHA1 and MD5 in Run Bar(Sometimes it will be in Gradle Console))
The console will print out the SHA keys for both debug and release. I had added the debug keys to firebase sometime in the past, but I had not added the release keys.
I simply added the SHA1 and SHA256 keys to firebase, and I was good to go.

If you have all configuration valid in firebase like SHA-1 and you have imported right google-services.json file still you are getting error then add the support email in firebase console
You have to add support email in fire base console
Go to Project-> Setting -> General -> Public setting add Support Email

i was dealing with this problem for 2 days !
the problem was the clientId i used, was android type while i had to use web Aplication type Clientid . please consider this if you have the same problem ;)

I had problems with each answer, so here is the solution that worked for me:
First, add Firebase to your project:
Go to Firebase web site -> Add Project -> Once when you create new project go to Add App and add your Android app
Take care to add the exact package name and debug SHA-1 key.
You can generate debug SHA-1 key doing the following in Android Studio:
On the right side open Gradle panel -> go to Tasks -> android -> run signingReport
Your SHA-1 key will be shown in Run window
Once when you register the app, download the config file. In the config .json file you can find your client_id : client -> oauth_client -> client_id
Take care there are two client_ids. The one with "client_type": 3 worked for me with the following code:
private fun requestSignIn(context: Context) {
GoogleSignIn.getLastSignedInAccount(context)?.also { account ->
onSignedIn(account)
return
}
val signInOptions = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestScopes(Scope("https://www.googleapis.com/auth/spreadsheets"))
.requestEmail()
.requestIdToken("client_id_goes_here")
.build()
val client = GoogleSignIn.getClient(context, signInOptions)
startActivityForResult(client.signInIntent, REQUEST_SIGN_IN)
}
Then in the onActivityResult:
override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
super.onActivityResult(requestCode, resultCode, data)
if (requestCode == REQUEST_SIGN_IN) {
if( resultCode == RESULT_OK) {
GoogleSignIn.getSignedInAccountFromIntent(data)
.addOnSuccessListener { account ->
onSignedIn(account)
}
.addOnFailureListener { e ->
Log.d("Fail", "Fail")
}
}
}
}
In onSignedIn you should do the google sheet api call

Make you use .requestIdToken(getString(R.string.default_web_client_id)) when you Build GoogleSignInOptions:
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestIdToken(getString(R.string.default_web_client_id))
.requestEmail()
.build();
Add your debug.keystore's SHA1 and SHA256 fingerprint to your Firebase project with the following steps:
Obtain the debug.keystore's fingerprints: Linux/Mac - keytool -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore, Windows - keytool -list -v -alias androiddebugkey -keystore %USERPROFILE%\.android\debug.keystore
Add these fingerprint's to your Firebases project's Android app section: https://support.google.com/firebase/answer/9137403?hl=en

Yo guys, make sure that you have installed google play services in android studio SDK Manager. After I did it, rebuild unity project — all works fine.

It's 2022 and I spent 7 hours debugging this! I am not a native Android developer so I didn't know what's what until now.
Here is how I made it to work.
1) Make sure you have different build numbers between dev and prod!
There are 3 different builds/app in the world that you are playing with:
The one in Google Play Store that you can install. It has a build number associated with it, both in the Play Store and in the App -> tap and hold -> info.
The one in Android Studio build that has release build flavor
The one in Android Studio build that has debug build flavor
The debug one is the one you can attach the debugger (the bug icon!) and release is the one that you cannot.
Whatever you do, make sure these are different or you will pull your hair why it works here and not there!
Android: Tag > Build > Release > then immediately version bump
I am coming from a background that we tag and version right before the release. (e.g. backend) Here, if you do so, it messes everything up! So you should tag, then release, then version bump immediately!
Ideally, the Play store should be 1.1.7, the release one should be 1.1.8 (yes, one version ahead as it's the one you are going to publish), and the debug one should be 1.1.8-debug.
If you don't do so, and they are the same, Android OS is going to cache the packages/APKs. So even if you go and install the app from Play Store, it might use an Android Studio version that it has in cache, with its own certificate! (That took me 4 hours of not knowing why installing the same app from Play Store on two phones, yielded different behaviors -- one was using the cached APK from Android Studio USB builds.)
2) You need at least 4 different Oauth Client ID Keys from GCP!
At this point, you should be aware of the crazy system that you should create a "Web" OAuth Client ID for Android, and also a dummy Android one! See this.
Yes, you need one "Web" key, and one "Android" key to have the GoogleSignIn work. You should use the "Web" one almost everywhere (except for doing server-side token validation, where you verify the audience/issuer of the JWT). Regardless, without the unused dummy "Android" one, it's not gonna work.
However, the part that I didn't know was that you need 3 Android + 1 Web!
When you create an Android OAuth Client ID, it asks for a SHA-1.
And each of those 3 apps has its own certificates, a.k.a SHA-1s.
How to get 3 SHA-1s?
For 2 and 3 (release and debug of Android Studio) you can get them from gradle via this solution.
For the Play Store one, you have to go to Play Console > App Integrity > App Signing and get the "App signing" certificate from there. (The upload one should match your release one most likely.)
Now, go ahead and create these 3 Android Ouath Client Ids + 1 for Web and hopefully Google SignIn will work everywhere!

I am not sure if this is the cause, but we might need to use the Web Client ID in the Android App before publishing it, read the following article,
https://android-developers.googleblog.com/2016/03/registering-oauth-clients-for-google.html

After adding the SHA1 and SHA256 app signing certificates it still didn't work. Once I added the SHA1 App upload certificate it worked :)

After adding the SHA1 and SHA256 app signing certificates it works.

I have faced the same error and I solved it by fixing the value of WEB_CLIENT_ID
You can check the value at:
Authentication -> Sign-in Method -> Provider (ex: Google) -> Web SDK Configuration -> Web Client ID

In my case to work on the emulator, I followed the steps https://stackoverflow.com/a/46767856/6800637, and in addition to putting in https://console.firebase.google.com projectName/ settings / general, my signature key sha1 and sha256 I also put the key sha1 from [debug.keystore]
which is shown when you follow the steps mentioned above

This status code means that you are providing unknown server client id.
So I was able to resolve this issue by changing the OAuth Client ID at Android client:
googleSignInOptions = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestIdToken("web application client id")
.requestEmail()
.build()
In https://console.developers.google.com/apis/credentials in your project you might need to generate: OAuth client ID -> Web Application and use this web application client id in your Android app.

I had this problem recently when trying to use google sign in using Firebase. I could fix it by updating requestIdToken in GoogleSignInOptions to the one provided as client_id in google-services.json file.

These are all great answers, in case anyone else is trying to have multiple firebase projects for one app, i.e. development and production the trick is when you want to test production, you'll need to upload the APK to Google Play if you use Google Play to manage the signing of your app. I used the internal testing track, and then it started working.
You cannot just install the APK on your device with your debug keys, because it does not match the production keys in Firebase.
Another side note - as others have mentioned - for some reason you need to use the "web" OAuth client ID, NOT the Android OAuth client. This is a really confusing thing for Google to do.

Although, the tutorial and the configuration page suggests to get the package name from the manifest file, it seems it is checked against the "applicationId" in the "app/build.gradle" file.
There are two places to set the package name I've found so far:
app/src/main/AndroidManifest.xml
app/build.gradle android.defaultConfig.applicationId
In my case those two names were different. Earlier I had updated the package name in the first file but forgot to update in the build.gradle file.

If you are on flutter, take a look on where you initialized your GoogleSignIn, for me adding the clientId parameter worked on iOS but breaks android try that as well

If you are having multiple apps under same Project in Firebase, make sure you are in the correct (App)com.xxx.yyy, that matchup with your current project you are doing in Android Studio. Then change the sha1 in settings of Firebase under proper (App)com.xxx.yyy and download the Json accordingly past it at, In project level view apps->build->source.

This might come if you have not set the SHA-1/SHA-256 hashes for your project.

I double-checked everything on the firebase console, I have correctly added SHA keys also I was facing an error. After spending hours I found the error was due to not setting up OAuth Consent in Google Console. So if any once facing the same issue please check this step as well, that might be your help you out.

if above help from other universe can't prevent Google making you fired from your company, below may be help you:
edit file "build.gradle" (:app)
in android{}, add these if missing, change file path, storePassword, keyAlias, keyPassword
signingConfigs {
debug {
storeFile file('E:\\keystore.jks')
storePassword '123456'
keyAlias 'key0'
keyPassword '123456'
}
release {
storeFile file('E:\\keystore.jks')
storePassword '123456'
keyAlias 'key0'
keyPassword '123456'
}
}
buildTypes {
release {
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
signingConfig signingConfigs.release
}
debug {
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
signingConfig signingConfigs.debug
}
}
Build/Clean Project
Sync Now
if still not working, run Debug app, magical will appear

I also faced this problem and search many time but didn't get over this. then I tried firebase authentication and this was worked. try following steps :
go to firebase - go to console(upper right corner) - click on your built app card - then click on authentication and then authenticate your id.
try it.

Google sign in failed com.google.android.gms.common.api.ApiException: 10:

So I'm Stuck on this frustrating issue.
I am quite new to Google Auth on Firebase but I done everything the firebase docs instructed in how to integrate the Google SignIn Auth, yet I'm still receiving this weird Error in the console consisted of two parts:
12-03 11:07:40.090 2574-3478/com.google.android.gms E/TokenRequestor: You have wrong OAuth2 related configurations, please check. Detailed error: UNREGISTERED_ON_API_CONSOLE
and also
Google sign in failed com.google.android.gms.common.api.ApiException: 10:
Before Anyone attempts to point out similar questions that have previously been asked on stack overflow, Here's what I have done till now after seen all the available solutions and yet non has resolved the error
I have my SHA1 fingerprint for my project
I have my OAuth 2.0 client ID, both, the android client id and the web client and in the requestIdToken() I have put the web client id.
I did not publish my project's APK on google play store. which means I did not accidentally generate another SHA1 fingerprint.
I have followed step by step the Google Sign in Auth firebase docs.
here is my code snippet:
#Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_signup);
ButterKnife.bind(this);
String webClientId = getString(R.string.web_client_id);
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestEmail()
.requestIdToken(webClientId)
.build();
mGoogleApiClient = new GoogleApiClient.Builder(this)
.enableAutoManage(this /* FragmentActivity */, this /* OnConnectionFailedListener */)
.addApi(Auth.GOOGLE_SIGN_IN_API, gso)
.build();
mGoogleSignInClient = GoogleSignIn.getClient(this, gso);
GoogleSignInAccount account = GoogleSignIn.getLastSignedInAccount(this);
googleLoginBtn.setOnClickListener(new View.OnClickListener() {
#Override
public void onClick(View view) {
Intent signInIntent = mGoogleSignInClient.getSignInIntent();
startActivityForResult(signInIntent, RC_SIGN_IN);
}
});
}
#Override
public void onActivityResult(int requestCode, int resultCode, Intent data) {
super.onActivityResult(requestCode, resultCode, data);
// Result returned from launching the Intent from GoogleSignInClient.getSignInIntent(...);
if (requestCode == RC_SIGN_IN) {
// The Task returned from this call is always completed, no need to attach
// a listener.
Task<GoogleSignInAccount> task = GoogleSignIn.getSignedInAccountFromIntent(data);
try{
GoogleSignInAccount account = task.getResult(ApiException.class);
firebaseAuthWithGoogle(account);
} catch (ApiException e) {
// Google Sign In failed, update UI appropriately
Log.w(TAG, "Google sign in failed", e);
// [START_EXCLUDE]
Toast.makeText(this, "Gooogle Auth failed", Toast.LENGTH_LONG);
// [END_EXCLUDE]
}
}
}
private void firebaseAuthWithGoogle(GoogleSignInAccount acct) {
Log.d(TAG, "firebaseAuthWithGoogle:" + acct.getId());
// [START_EXCLUDE silent]
//showProgressDialog();
// [END_EXCLUDE]
AuthCredential credential = GoogleAuthProvider.getCredential(acct.getIdToken(), null);
mAuth.signInWithCredential(credential)
.addOnCompleteListener(this, new OnCompleteListener<AuthResult>() {
#Override
public void onComplete(#NonNull Task<AuthResult> task) {
if (task.isSuccessful()) {
// Sign in success, update UI with the signed-in user's information
Log.d(TAG, "signInWithCredential:success");
FirebaseUser user = mAuth.getCurrentUser();
Toast.makeText(LoginActivity.this, "Successful Auth", Toast.LENGTH_LONG).show();
} else {
// If sign in fails, display a message to the user.
Log.w(TAG, "signInWithCredential:failure", task.getException());
Toast.makeText(LoginActivity.this, "Authentication failed.",
Toast.LENGTH_SHORT).show();
//updateUI(null);
}
// [START_EXCLUDE]
//hideProgressDialog();
// [END_EXCLUDE]
}
});
}

Basically problem is in the SHA1 key put on console please regenerate it and put again properly same project.
1)As the answers, make sure that your actual signed Android apk has the same SHA1 fingerprint as what you specified in the console of your Firebase project's Android integration section (the page where you can download the google-services.json)
For more info, see: Generate SHA-1 for Flutter app
2)On top of that go to the Settings of your firebase project (gear icon right to the Overview at the top-left area. Then switch to Account Linking tab. On that tab link the Google Play to your project.
EDIT:
Account Linking tab doesn't exist any more, instead :
Sign in to Firebase.
Click the Settings icon, then select Project settings.
Click the Integrations tab.
On the Google Play card, click Link.

When using App Signing by Google Play and Firebase, you need to add the SHA-1 fingerprint of the App signing certificate (found on Google Play Console/ Release Management/ App signing certificate) to the Firebase Console/ Settings/ SHA certificate fingerprints
Updated location for the SHAs: Google Play Console > Release > Setup > App integrity

In My case, There is no problem with SHA-1
I have done GoogleAuth using Firebase.
I forgot to add implementation 'com.firebaseui:firebase-ui-auth:4.3.1'
And I put my own key instead of R.string.default_web_client_id, So that was the problem. I added above dependency and replace R.string.default_web_client_id with my own key.
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestIdToken(getString(R.string.default_web_client_id))
.requestEmail()
.build();
UPDATE : 18-Dec-2020
We can also use without requestIdToken like below. For this you must have to add your SHA1 to google console.
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestEmail()
.build();

I was facing the same issue, After checking around for a solution, from regenerating the finger print to linking the app on firebase to the Google play console and publishing the signed apk, the issue was actually because I was using the release SHA-1 on the firebase console.
If you are still on debug mode, use the debug.keystore SHA1
Only use the release SHA1 if you are on production mode
https://developer.android.com/studio/publish/app-signing.html

My solution was a little different,
After hours of trying various things. I found my solution:
Using the steps listed here:
https://stackoverflow.com/a/34223470/10575896
Open Android Studio
Open your Project
Click on Gradle (From Right Side Panel, you will see Gradle Bar)
Click on Refresh (Click on Refresh from Gradle Bar, you will see List Gradle scripts of your Project)
Click on Your Project (Your Project Name form List (root))
Click on Tasks
Click on Android
Double Click on signingReport (You will get SHA1 and MD5 in Run Bar(Sometimes it will be in Gradle Console))
The console will print out the SHA keys for both debug and release. I had added the debug keys to firebase sometime in the past, but I had not added the release keys.
I simply added the SHA1 and SHA256 keys to firebase, and I was good to go.

If you have all configuration valid in firebase like SHA-1 and you have imported right google-services.json file still you are getting error then add the support email in firebase console
You have to add support email in fire base console
Go to Project-> Setting -> General -> Public setting add Support Email

i was dealing with this problem for 2 days !
the problem was the clientId i used, was android type while i had to use web Aplication type Clientid . please consider this if you have the same problem ;)

I had problems with each answer, so here is the solution that worked for me:
First, add Firebase to your project:
Go to Firebase web site -> Add Project -> Once when you create new project go to Add App and add your Android app
Take care to add the exact package name and debug SHA-1 key.
You can generate debug SHA-1 key doing the following in Android Studio:
On the right side open Gradle panel -> go to Tasks -> android -> run signingReport
Your SHA-1 key will be shown in Run window
Once when you register the app, download the config file. In the config .json file you can find your client_id : client -> oauth_client -> client_id
Take care there are two client_ids. The one with "client_type": 3 worked for me with the following code:
private fun requestSignIn(context: Context) {
GoogleSignIn.getLastSignedInAccount(context)?.also { account ->
onSignedIn(account)
return
}
val signInOptions = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestScopes(Scope("https://www.googleapis.com/auth/spreadsheets"))
.requestEmail()
.requestIdToken("client_id_goes_here")
.build()
val client = GoogleSignIn.getClient(context, signInOptions)
startActivityForResult(client.signInIntent, REQUEST_SIGN_IN)
}
Then in the onActivityResult:
override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
super.onActivityResult(requestCode, resultCode, data)
if (requestCode == REQUEST_SIGN_IN) {
if( resultCode == RESULT_OK) {
GoogleSignIn.getSignedInAccountFromIntent(data)
.addOnSuccessListener { account ->
onSignedIn(account)
}
.addOnFailureListener { e ->
Log.d("Fail", "Fail")
}
}
}
}
In onSignedIn you should do the google sheet api call

Make you use .requestIdToken(getString(R.string.default_web_client_id)) when you Build GoogleSignInOptions:
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestIdToken(getString(R.string.default_web_client_id))
.requestEmail()
.build();
Add your debug.keystore's SHA1 and SHA256 fingerprint to your Firebase project with the following steps:
Obtain the debug.keystore's fingerprints: Linux/Mac - keytool -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore, Windows - keytool -list -v -alias androiddebugkey -keystore %USERPROFILE%\.android\debug.keystore
Add these fingerprint's to your Firebases project's Android app section: https://support.google.com/firebase/answer/9137403?hl=en

Yo guys, make sure that you have installed google play services in android studio SDK Manager. After I did it, rebuild unity project — all works fine.

It's 2022 and I spent 7 hours debugging this! I am not a native Android developer so I didn't know what's what until now.
Here is how I made it to work.
1) Make sure you have different build numbers between dev and prod!
There are 3 different builds/app in the world that you are playing with:
The one in Google Play Store that you can install. It has a build number associated with it, both in the Play Store and in the App -> tap and hold -> info.
The one in Android Studio build that has release build flavor
The one in Android Studio build that has debug build flavor
The debug one is the one you can attach the debugger (the bug icon!) and release is the one that you cannot.
Whatever you do, make sure these are different or you will pull your hair why it works here and not there!
Android: Tag > Build > Release > then immediately version bump
I am coming from a background that we tag and version right before the release. (e.g. backend) Here, if you do so, it messes everything up! So you should tag, then release, then version bump immediately!
Ideally, the Play store should be 1.1.7, the release one should be 1.1.8 (yes, one version ahead as it's the one you are going to publish), and the debug one should be 1.1.8-debug.
If you don't do so, and they are the same, Android OS is going to cache the packages/APKs. So even if you go and install the app from Play Store, it might use an Android Studio version that it has in cache, with its own certificate! (That took me 4 hours of not knowing why installing the same app from Play Store on two phones, yielded different behaviors -- one was using the cached APK from Android Studio USB builds.)
2) You need at least 4 different Oauth Client ID Keys from GCP!
At this point, you should be aware of the crazy system that you should create a "Web" OAuth Client ID for Android, and also a dummy Android one! See this.
Yes, you need one "Web" key, and one "Android" key to have the GoogleSignIn work. You should use the "Web" one almost everywhere (except for doing server-side token validation, where you verify the audience/issuer of the JWT). Regardless, without the unused dummy "Android" one, it's not gonna work.
However, the part that I didn't know was that you need 3 Android + 1 Web!
When you create an Android OAuth Client ID, it asks for a SHA-1.
And each of those 3 apps has its own certificates, a.k.a SHA-1s.
How to get 3 SHA-1s?
For 2 and 3 (release and debug of Android Studio) you can get them from gradle via this solution.
For the Play Store one, you have to go to Play Console > App Integrity > App Signing and get the "App signing" certificate from there. (The upload one should match your release one most likely.)
Now, go ahead and create these 3 Android Ouath Client Ids + 1 for Web and hopefully Google SignIn will work everywhere!

I am not sure if this is the cause, but we might need to use the Web Client ID in the Android App before publishing it, read the following article,
https://android-developers.googleblog.com/2016/03/registering-oauth-clients-for-google.html

After adding the SHA1 and SHA256 app signing certificates it still didn't work. Once I added the SHA1 App upload certificate it worked :)

After adding the SHA1 and SHA256 app signing certificates it works.

I have faced the same error and I solved it by fixing the value of WEB_CLIENT_ID
You can check the value at:
Authentication -> Sign-in Method -> Provider (ex: Google) -> Web SDK Configuration -> Web Client ID

In my case to work on the emulator, I followed the steps https://stackoverflow.com/a/46767856/6800637, and in addition to putting in https://console.firebase.google.com projectName/ settings / general, my signature key sha1 and sha256 I also put the key sha1 from [debug.keystore]
which is shown when you follow the steps mentioned above

This status code means that you are providing unknown server client id.
So I was able to resolve this issue by changing the OAuth Client ID at Android client:
googleSignInOptions = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestIdToken("web application client id")
.requestEmail()
.build()
In https://console.developers.google.com/apis/credentials in your project you might need to generate: OAuth client ID -> Web Application and use this web application client id in your Android app.

I had this problem recently when trying to use google sign in using Firebase. I could fix it by updating requestIdToken in GoogleSignInOptions to the one provided as client_id in google-services.json file.

These are all great answers, in case anyone else is trying to have multiple firebase projects for one app, i.e. development and production the trick is when you want to test production, you'll need to upload the APK to Google Play if you use Google Play to manage the signing of your app. I used the internal testing track, and then it started working.
You cannot just install the APK on your device with your debug keys, because it does not match the production keys in Firebase.
Another side note - as others have mentioned - for some reason you need to use the "web" OAuth client ID, NOT the Android OAuth client. This is a really confusing thing for Google to do.

Although, the tutorial and the configuration page suggests to get the package name from the manifest file, it seems it is checked against the "applicationId" in the "app/build.gradle" file.
There are two places to set the package name I've found so far:
app/src/main/AndroidManifest.xml
app/build.gradle android.defaultConfig.applicationId
In my case those two names were different. Earlier I had updated the package name in the first file but forgot to update in the build.gradle file.

If you are on flutter, take a look on where you initialized your GoogleSignIn, for me adding the clientId parameter worked on iOS but breaks android try that as well

If you are having multiple apps under same Project in Firebase, make sure you are in the correct (App)com.xxx.yyy, that matchup with your current project you are doing in Android Studio. Then change the sha1 in settings of Firebase under proper (App)com.xxx.yyy and download the Json accordingly past it at, In project level view apps->build->source.

This might come if you have not set the SHA-1/SHA-256 hashes for your project.

I double-checked everything on the firebase console, I have correctly added SHA keys also I was facing an error. After spending hours I found the error was due to not setting up OAuth Consent in Google Console. So if any once facing the same issue please check this step as well, that might be your help you out.

if above help from other universe can't prevent Google making you fired from your company, below may be help you:
edit file "build.gradle" (:app)
in android{}, add these if missing, change file path, storePassword, keyAlias, keyPassword
signingConfigs {
debug {
storeFile file('E:\\keystore.jks')
storePassword '123456'
keyAlias 'key0'
keyPassword '123456'
}
release {
storeFile file('E:\\keystore.jks')
storePassword '123456'
keyAlias 'key0'
keyPassword '123456'
}
}
buildTypes {
release {
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
signingConfig signingConfigs.release
}
debug {
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
signingConfig signingConfigs.debug
}
}
Build/Clean Project
Sync Now
if still not working, run Debug app, magical will appear

I also faced this problem and search many time but didn't get over this. then I tried firebase authentication and this was worked. try following steps :
go to firebase - go to console(upper right corner) - click on your built app card - then click on authentication and then authenticate your id.
try it.

Google sign-in Android with Firebase - statusCode DEVELOPER_ERROR

I try to implement Google login in my Firebase connected Android app.
When I run the app and press Google Sign In button - nothing happen. And I receive this error in onActivityResult:
Status{statusCode=DEVELOPER_ERROR, resolution=null}.
My code looks like this:
protected void onActivityResult(int requestCode, int resultCode, Intent data) {
if (requestCode == REQUEST_CODE_GOOGLE_LOGIN) {
GoogleSignInResult result = Auth.GoogleSignInApi.getSignInResultFromIntent(data);
if (result.isSuccess()){
GoogleSignInAccount account = result.getSignInAccount();
String emailAddres = account.getEmail();
getGoogleQAuthToken(emailAddres);
}
}
}
private void getGoogleQAuthToken(final String emailAddres){
AsyncTask<Void,Void,String> task = new AsyncTask<Void, Void, String>() {
String errorMessage = null;
#Override
protected String doInBackground(Void... params) {
String token = null;
try {
String scope = "oauth2:profile email";
token = GoogleAuthUtil.getToken(MainActivity.this, emailAddres, scope);
} catch (IOException transientEx) {
errorMessage = "Network error: " + transientEx.getMessage();
} catch (UserRecoverableAuthException e) {
Intent recover = e.getIntent();
startActivityForResult(recover, MainActivity.REQUEST_CODE_GOOGLE_LOGIN);
} catch (GoogleAuthException authEx) {
errorMessage = "Error authenticating with Google: " + authEx.getMessage();
}
return token;
}
I've added JSON config file in app/ directory and added dependencies:
buildscript {
repositories {
jcenter()
}
dependencies {
classpath 'com.google.gms:google-services:1.5.0-beta2'
}
}
dependencies {
compile fileTree(dir: 'libs', include: ['*.jar'])
compile 'com.android.support:appcompat-v7:23.1.+'
compile 'com.firebase:firebase-client-android:2.3.0+'
/* For Google Play Services */
compile 'com.google.android.gms:play-services-safetynet:8.3.0'
compile 'com.google.android.gms:play-services-auth:8.3.0'
compile 'com.google.android.gms:play-services:8.3.0'
compile('com.afollestad.material-dialogs:core:0.8.3.0#aar') {
transitive = true
}
/* Firebase UI */
compile 'com.firebaseui:firebase-ui:0.2.2'
compile 'com.android.support:cardview-v7:23.1.+'
compile 'com.android.support:recyclerview-v7:23.1.+'
compile 'com.android.support:design:23.1.+'
}
apply plugin: 'com.google.gms.google-services'
I am looking for solution hours already...
Please help!!

DEVELOPER_ERROR means Google Play services was unable to find a matching client from the console based on your SHA1 and package name. You can add SHA1s in the settings page on the Firebase console for a given package name, or add a new package name through the Add Firebase to your Android app button.
In general, some things to check for:
Make sure your package name is what you expect - e.g. its the one in your build.gradle, and its not being overriden in a build variant or product flavor.
Make sure you have registered your debug and release SHA1 keys in the console.

If Google Play App Signing is enabled for your app, then it will replace your release signing key with the one on Google's server before publishing.
You can check if it is enabled from: Google Play Console -> Release Management -> App Signing.
In my case, to resolve the error I had to:
copy the SHA1 from the 'App signing certificate' section
add it to the Firebase projects general settings section
regenerate the json file
add it to the project
re-upload the apk

Error code 10 is constant value of CommonStatusCodes.DEVELOPER_ERROR which implies you have misconfigured your project
What you can do
check if SHA from PlayStore Console and Firebase Console are same.
Copy SHA from Google Play console
paste it into Firebase Console
What else you can do?
Display meaningful messages in plain English case of failure
// Google Sign In failed, update UI appropriately
Log.w(TAG, "Google sign in failed", e);
String messageToDisplay = "Authentication failed.";
switch (e.getStatusCode()) {
case CommonStatusCodes.API_NOT_CONNECTED: //17
messageToDisplay += "The client attempted to call a method from an API that failed to connect.";
break;
case CommonStatusCodes.DEVELOPER_ERROR: //10
messageToDisplay += "The application is misconfigured.";
break;
case CommonStatusCodes.ERROR: //13
messageToDisplay += "The operation failed with no more detailed information.";
break;
case CommonStatusCodes.INTERNAL_ERROR: //8
messageToDisplay += "An internal error occurred.";
break;
case CommonStatusCodes.INVALID_ACCOUNT: //8
messageToDisplay += "Invalid account name specified.";
break;
case CommonStatusCodes.SIGN_IN_REQUIRED: //8
messageToDisplay += "Please Sign In to continue.";
break;
}
Toast.makeText(LoginActivity.this, messageToDisplay,
Toast.LENGTH_SHORT).show();

I had the same problem. What happens is this you have a SHA1 debug and release SHA1. Normally we used only SHA1 Debug and generate the .apk signed to google play, but when we use google sigin you must enter the firebase release of SHA1.
To view the release SHA1 use the following command:
keytool -list -v -keystore C:\ProjectsData\keystore\my-release-key.keystore -alias alias_name
Then enter this SHA1 on the Firebase
https://support.google.com/firebase/answer/7000104
This answer SHA1:
SHA-1 fingerprint of keystore certificate
Hope I helped you.

Had the same issue. But worked fine after I cleaned and rebuilt the project. :D

I created new debug SHA1 key using following steps and replaced SHA1 key in my project settings. it worked for me.
-Open Your Project.
-Click on File menu -> New -> Click on Google -> Select Google Maps Activity -> Click on Finish.
-Android studio would generate automatic google_maps_api.xml file.
-You can get debug SHA1 key in this file.
Replace this SHA1 key in project settings, Then download new google-services.json from settings and replace it in your project as your certificate_hash and client_id will change.

I had the same issue and I got it working by doing these steps:
1. Add DEBUG_KEYSTORE SHA1 fingerprint to the firebase project. use the following command(MAC/LINUX)
keytool -exportcert -list -v \-alias androiddebugkey -keystore ~/.android/debug.keystore
2. Now Generate a signed apk of your project. The process includes generating a keystore for your app's release version. Copy the path of the newly generated .jks file.
3. Now generate RELEASE_KEYSTORE SHA1 fingerprint using the following command
keytool -list -v -keystore FULL_PATH_TOJKS_FILE -alias ALIAS_NAME
4. Copy the new SHA1 from the output and add it as another SHA1 fingerprint in your firebase application console.
Now you are good to go! ---- Hope! it helps.

After spending two hours on this. Trying out everything mentioned here and on this github issue. I still got the same developer error.
What worked for me is to force android studio to use a new debug signing key and add the new key to firebase console.
When you generate the signingReport in android studio it also print where your keystore is located. Something like:
> Task :app:signingReport
Variant: debug
Config: debug
Store: C:\Users\<Username>\.android\debug.keystore
Alias: AndroidDebugKey
MD5: E0:....
SHA1: DD....
SHA-256: B2:81....
Valid until: Thursday, 23 March 2051
----------
I renamed the debug.keystore to debug.keystore_ and the lock file also. Then I did a clean and rebuild in android studio. It automatically created a new keystore. Use the signingReport again and add the new key to the firebase console project.
This solved the issue for me.
Note: To double check the package name of the debug apk. Use the aapt2 tool: https://developer.android.com/studio/command-line/aapt2
By default, it was located in the android-sdk\build-tools\<version>\aapt2.exe path for me.
aapt2 dump packagename <projectpath>\app\build\outputs\apk\debug\app-debug.apk
Though it was the same for me as the manifest and the build.gradle one.

I think you need to change your play-service version.
See Firebase Android Codelab to add Firebase Auth dependency to your app/build.gradle file.
Try to update your play-service in gradle as below:
/* For Google Play Services */
...
compile 'com.google.android.gms:play-services:9.0.0'
...
DEVELOPER_ERROR :
The application is misconfigured. This error is not recoverable and will be treated as fatal. The developer should look at the logs after this to determine more actionable information.

While creating the OAuth key, you need to make sure you are giving correct package name. This means the package name that comes in your manifest file.
If you are using multiple modules (e.g. some library like FirebaseUI-Android), then make sure while creating the key, you use the package name from which you request Google authentication.

I had the same issue. After 2 days of pain, I observed that my release SHA1 was incorect (I used to get it using the keytool in java/bin and it gave me a bad SHA1. Probably because now Android Studio uses its own java package and not the JDK). Better way to get the corect SHA1 here SHA-1 fingerprint of keystore certificate

Click Here (Google Developer guide line) and create new project for Firebase console
this link is set with default setting, so you don't need to add it manually

If your app is on release mode/production, then you have to get the SHA1 from your-release-store.keystore. If your app is on development mode, then you have to get the SHA1 from your-debug-key.keystore. Copy all the SHA1 to your Firebase project settings > add fingerprint.
This is how to get the SHA1 from your keystore file:
keytool -exportcert -keystore ~/pathtoyourkeystore/yourfile.keystore -list -v

New Google sign in Android

I'm trying to get a user token ID using the new Google play services 8.3
and as documented I pass the server ID:
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestIdToken(getString(R.string.server_client_id))
.requestEmail()
.build();
but I'm still getting un successful result as below:
{statusCode=unknown status code: 12501, resolution=null}
and documented here GoogleSignInStatusCodes
The sign-in was cancelled by the user. i.e. the user cancelled some of the sign-in resolutions, e.g. account picking or OAuth consent.
Constant Value: 12501
That is not my case, as I already picked an account. Any idea what could be the reason?

I had exactly the same problem and i have found the solution.
If you follow the documentation found here:
https://developers.google.com/identity/sign-in/android/start-integrating
The first step tells you to create the configuration file (which creates an OAuth 2.0 client ID for you and inserts it into the google-services.json)
Then later, it says again about creating a OAuth 2.0 client ID, but this time it says that you have to do it for Web application
And this is the confusing part! (at least for me) because i was just taking the client id created for the android OAuth and not creating a new one for Web application (I thought the documentation was just redundant or something)
As it says, it is this one, and only this one the one you have to use as a parameter of the methods requestIdToken or requestServerAuthCode.
Forget about using the Android OAuth ID in this methods because then you will get all the time the ugly status code response 12501.
I think the main problem is that the documentation is a bit confusing about this. Or maybe because it is a bit strange the fact that you have to create two OAuth IDs.
So as a summary, you need TWO OAuth IDs, one for android and one for web application, and you have to set each one in the correct place.

I was struggling with this and wasted almost a week in it.
This is how I got it worked.
Import Project in AndroidStudio
Create debug keystore for project.
Create SHA1 signature for project using debug keystore.
Using SHA1 signature, register your app for Google Signin on Google Developer Console.
Generate a Google Configuration file there.(Put in Android Studio's app folder)
Use Web Client ID from OAuth 2.0 credentials in your Android Project.
Now, from Android Studio, generate debug build(APK) of your project.
Mount the device in your system -> copy this signed debug version of APK and install it.
Last three steps 6, 7 and 8, are what you actually need to take care of. If you directly run the project then APK is not actually signed with the debug keystore and google does not recognise it at all.

I had the same problem, after research solution it's resumed that server_client_id contained some incorrect value or your google_services.json didn't include oauth_client with client_id that registered with your keystore.
requestIdToken(getString(R.string.server_client_id))
R.string.server_client_id use OAuth 2.0 client ID for Web Application. And OAuth Client ID for Android use in google_services.json
Usually we use 2 keystore, 1 using debug keystore and 1 using signed keystore for published. So if we want to need in debug & publish mode, register your OAuth Client ID for Android twice, 1 using SHA1 from debug keystore and 1 from signed keystore for published.
small example in my google_services.json
"oauth_client": [
{
"client_id": "xxx-client-id.com",
"client_type": 1,
"android_info": {
"package_name": "com.app.android",
"certificate_hash": "xxxhash"
}
},
{
"client_id": "yyy.client-id.com",
"client_type": 1,
"android_info": {
"package_name": "com.app.android",
"certificate_hash": "yyyhash"
}
}
],

I was getting the same issue, it was because I created client ID of application type Android
Instead, I deleted it and created client ID of type web application and I got rid of this issue.

Just figure out how to solve this... I was getting this error while trying to run the debug version of my app... To fix it, add a credential for your debug app on the developer console and also on the google-services.json.
this fixed it for me!

I had the same problem, and I solved with the following solution:
Create configuration file (google-services.json) as described here and place in your /app project directory
(As mentioned in other answers) Using Web application Client ID for requestIdToken method.
[My main problem] Sign your app if you work on debug mode like below:
signingConfigs {
release {
storeFile file("myreleasekey.keystore")
storePassword "password"
keyAlias "MyReleaseKey"
keyPassword "password"
}
}
buildTypes {
release {
...
}
debug {
...
signingConfig signingConfigs.release
}
}

Now I got it.
So first you must follow the upper answers saying:
create a OAuth client-id for web applications in the Google Developers Console and use it in requestIdToken()
(get rid of status code 12501)
if you created a Android OAuth client-id for your production hash key, create a new Android OAuth client-id for your debug hash key and integrate it into your google-services.json.
(get rid of status code 12500)
No longer valid
And here comes the last Part:
3. you can not call requestIdToken() and requestEmail() at once. At least in my case I got rid of Result: Status{statusCode=INTERNAL_ERROR, resolution=null} by deleting requestEmail().
So good luck...

In my case, I also had to check that the debug SHA-1 was added as a valid OAuth Android client.

Use Web application as server_client_id not Android application

I had the same problem and I noticed that 12501 code was returned when my server_client_id contained some incorrect value.
Since there is no detailed message and the documentation of this error code is rather poor I don't know if your problem has the same cause as mine.
My application is based on Android code from this example (class IdTokenActivity).
To make it work I also needed to integrate Google sign-in into my app:
generated json config file with enabled Google Sign-In
added Google plugin and dependency to my gradle file
created OAuth client ID for this app and saved it in my project as server_client_id

Is your apk in debug mode? I think it only works with a signed apk.

Follow the ambiguous google's document.
Put google-services.json to your project directory
Set your gradle as https://stackoverflow.com/a/35216421/5886475
Set server_client_id in string.xml .It's your web client id not android client

A problem I had is that the SHA-1 I generated as with the incorrect alias.
The alias MUST BE androiddebugkey .
So I have put the Android OAuth ID at my google-service.json file. I have put the Web Client Id to requestIdToken().
And in my specific case, I generated the SHA-1 with androiddebugkey alias.
google-services.json:
"oauth_client": [
{
"client_id": "ANDROID OAUTH ID-.....apps.googleusercontent.com",
"client_type": 1,
"android_info": {
"package_name": "br.com.packagename",
"certificate_hash": "SHA-1 HASH"
}
},{
"client_id": "WEB CLIEND ID......apps.googleusercontent.com",
"client_type": 3
}
]
Signing part:
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestIdToken("WEB CLIEND ID......apps.googleusercontent.com")
.requestEmail()
.build();

In place of R.string.server_client_id , just use R.string.default_web_client_id .
When you copy the google-services.json file into the app, it creates this string value automatically. You don't need to copy the key from google-services.json to string.xml
It worked for me.

I solved this issue by Clicking Firebase Support in Android Studio, which may not be relevant to non-Firebase users.
Go to menu Tools->Firebase
Click Connect your app to Firebase, it will display as Connected in green once connection is successful
Click Add Firebase Authentication to your app button, it will also turn green.
NOTE: Having huge list of answers in this definitely confirm one thing. Google needs to update and keep the documentation fool proof.

If none of the above options work, do check whether you applicationId in app build.gradle is same as you package name.

Oviously first check your release sha1 key is correct or not. But if still it is not working and you ar using google play services 8.4.0 (i.e.compile 'com.google.android.gms:play-services:8.4.0'), the issue could be solved by modifying GoogleSignInOption object.
Instead of:
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestEmail()
.requestIdToken("YOUR_WEB_API_ID.apps.googleusercontent.com")
.build();
You have to use :
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestScopes(new Scope(Scopes.PLUS_LOGIN))
.requestScopes(new Scope(Scopes.PLUS_ME))
.requestEmail()
.build();
This solves error returning statusCode=INTERNAL_ERROR OR statusCode=Error 12501 OR statusCode=Error 12500.
Then this gso object could be used for creating GoogleApiClient as shown below:
mGoogleApiClient = new GoogleApiClient.Builder(this)
.enableAutoManage(this, this)
.addApi(Auth.GOOGLE_SIGN_IN_API,gso)
// .addApi(Plus.API, null)
.addConnectionCallbacks(this)
.addOnConnectionFailedListener(this)
// .addScope(Plus.SCOPE_PLUS_LOGIN)
.build();

Don't know why but SHA1 in android studio is changed automatically and that's why I am getting this error. To solve this I updated the SHA1 of my firebase project settings with the new SHA1 of my android studio and it started working again.

In my case, my Credentials for Client ID for Android on Google APIs Console only contained the SHA-1 for my release signed APK. Android Studio was using the default debug keystore to sign my debug builds, and in that case the debug keystore SHA-1 did not match the Android client SHA-1 online. My solution was to simply sign the debug builds with the release keystore.
In Android Studio, Build/Edit Build Types..., then select your debug build type and make sure Signing Config is set to your release certificate.

Try following these steps:
Clone the following project https://github.com/googlesamples/google-services
Follow the guide at https://developers.google.com/identity/sign-in/android/start
Use Web client (auto created by Google Service) and add it in requestIdToken(...)
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestEmail()
.requestIdToken("YOUR_WEB_API_ID.apps.googleusercontent.com")
.build();
Make sure you are using the same keystore used which is added to Google project. For instance, if you have used the following command to generate SHA-1 key
keytool -exportcert -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore
Then add the following code in app/build.gradle file inside android { ... } [Solved my problem]
signingConfigs
{
debug
{
storeFile file("/home/ashwin/.android/debug.keystore")
storePassword "android"
keyAlias "androiddebugkey"
keyPassword "android"
}
}
buildTypes
{
release
{
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
}
debug
{
signingConfig signingConfigs.debug
}
}
Note: Your keyPassword and keyAlias should be the same used during generation of SHA-1 certificate.

If you are using the debug keystore to build the project, you need to add the SHA-1 fingerprint of debug.keystore on Firebase Console.
On your Firebase Console, open your Project
Go to Parameters. Tab General
At the end of this page, there is a field to add a Fingerprint SHA-1
Paste the SHA-1 in the console field.
To obtain SHA-1 of debug.keystore :
Mac/Linux :
keytool -exportcert -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore
Windows :
keytool -exportcert -list -v -alias androiddebugkey -keystore %USERPROFILE%\.android\debug.keystore
https://developers.google.com/android/guides/client-auth
That's all !

I had the same problem and error 12501 and non of of above did work for me.
My problem was I using google Default web api that generated for me. after creating my own web api error disappeared and worked fine!
these are working steps:
first I created SHA1 debug key and add to Firebase console. creating SHA1 from here.
create both web api and android OAuth 2.0 client ID from here
get generated google-service.json from Firebase console and put in app folder.
put this code for GoogleSignnOption
like this:
gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN).requestIdToken
("put the web app client Id that get from the link in developer console ")
.requestEmail().build();
tip 1: I find out that you should create both android and web app Client Id to work.
tip 2: if you from Iran like me you can get the user from google but you can not AuthWithGoogle and result will fail in auth.signInWithCredential(credential) and you had to use some proxy for returning true.
this is the working full source of FireBaseAuthDemo in github:
hope help full

I had this problem too, after following Google's instructions for Automatically signing your app. If you are using this method to sign your apps, you will need to include the generated keystore fingerprint in your API credentials.
On the project browser, right click on your app and select Open Module
Settings.
I found it less confusing to put the .jks file in my project's /app directory. In any case run this line on it.
keytool -list -v -keystore /home/user/keystores/android.jks
You will be prompted for a password. Not sure if it's the Key Password or Store Password because mine are the same. :|
The console will spit out a bunch of certificate fingerprints. Take the SHA1 one and punch it into your API credentials at the Google API Developer's Console. You will need to enter it for the Android client OAuth 2.0 client IDs even though you don't actually use that client_id in your app. If you are using other APIs for android, put the same SHA1 in the appropriate key credentials under API keys too.

Here is a new one. I was trying for 6 hours to login on the emulator with the id from my corporate Google Apps domain, to no avail, getting 12501 errors. On a hunch, I tried my personal gmail id and it worked. Ditto if I tried on my phone with my corporate id. It turns out the emulator did not have the proper Mobile Device Management settings to allow my corporate id to login.
So If I want to test on the emulator with this corporate id, I have to install Google Play Store, then the MDM software, and configure it.

From my weird experience with this error, I can say that you also need to try to reboot your phone in order to get rid of this error :)
I was implemented Google Sign In using G Suite accounts which have a device policy assigned via Google Admin. So on the first sign in it was requiring to install Device Policy app. After all later steps completed, it was just throwing 12501 error. Same time the same app was working fine on other phones. So only reboot helped. But helped

Though already many upvoted answers exist in this question, I struggled to understand the logic.
So, I come up with my research.
Create a app using correct package name & Signing-certificate fingerprint SHA-1 https://developers.google.com/mobile/add?platform=android&cntapi=signin
Enable google sign-in
Generate the configuration file.
To get SHA-1, run this in terminal:
keytool -exportcert -keystore path-to-debug-or-production-keystore -list -v
About OAuth 2.0 client IDs
OAuth for the web (In app this is used as server_client_id)
OAuth for android (This needs to be created using correct package name & Signing-certificate fingerprint SHA-1).
If you are using the different keystore for debug & release, you need to create separate OAuth 2.0 client IDs using respective package name & SHA-1.
You can create or edit your OAuth 2.0 client IDs here https://console.developers.google.com/apis/credentials?project=
Navigating to your app.
If you already have a OAuth for Android, click in its name & check the package name & SHA-1.
We can use the same keystore for both debug & release by saving the keystore details in global(local, not inside project) gradle.properties & getting it in build.gradle as below.
def key_alias = ""
def key_password = ""
def store_file = ""
def store_password = ""
try {
key_alias = YOUR_KEY_ALIAS
key_password = YOUR_KEY_PASSWORD
store_file = YOUR_KEYSTORE_PATH
store_password = YOUR_KEYSTORE_PASSWORD
} catch (Exception exception) {
throw new IllegalStateException('Failed to find key store details. Social Login is disabled');
}
android {
signingConfigs {
config {
keyAlias key_alias
keyPassword key_password
storeFile file(store_file)
storePassword store_password
}
}
buildTypes {
debug {
signingConfig signingConfigs.config
// ...
}
release {
signingConfig signingConfigs.config
// ...
}
}
}
You can use below snippet
#Override
protected void onActivityResult(int requestCode, int resultCode, Intent data) {
super.onActivityResult(requestCode, resultCode, data);
if (requestCode == REQUEST_CODE_GOOGLE_SIGN_IN) {
GoogleSignInResult result = Auth.GoogleSignInApi.getSignInResultFromIntent(data);
if (result.isSuccess()) {
// ...
} else if (result.getStatus().getStatusCode() == CommonStatusCodes.NETWORK_ERROR) {
// No internet connection
} else if (result.getStatus().getStatusCode() == CommonStatusCodes.DEVELOPER_ERROR) {
// Wrong server OAuth key(server_client_id)
} else if (result.getStatus().getStatusCode() == 12501) {
// Wrong app signing-certificate fingerprint SHA1
} else {
Log.e("Google sign in error", result.getStatus().toString());
}
}
}
Note: If you enabled only Google Sign-In when you generated the configuration file, you need not to add the google-servies.json file in your project.(generating the file performs the necessary configuration steps).

1.Specify signingConfigs in your gradle file
signingConfigs {
config {
keyAlias 'appalias'
keyPassword 'hunter123'
storePassword 'hunter123'
storeFile file('path/to/keystore.jks')
}
}
2.Go to Build Types in Project Structure (in Android Studio) and specify signingConfigs to "config"
Now clean your project and build again. It should work.
If the above doesn't work then below is your last resort.
Try step one and build and check. If it's not working go to next step and try to build again.
Build a signed apk (With remember password checked).
Before signing check the filename of the keystore file and the one yo give in while signing the apk (in android studio).
Install the signed apk in your device.
Wait for five minutes.
Try singing in to google. If still 12501 is coming wait five more minutes. While doing that hit gradle sync.
Try again. It should work.

I have same problem too, Was resolved as follows:
I was made to delete the SHA1 previously thought and create and set new SHA1.
generate new google-services.json and set into my app directory
I was use exactly google developer codes
my result.isSucces() returned true after running the project
as summary, delete old sha1 and create new sha1 and download new google-services.json

I was facing the same 12501 status error. This is due to SHA-1 mismatch of release APK and debug APK.
Make a signed APK. To sign an APK, choose existing path of the keystore you have used for creating SHA-1. e.g. /.android/debug.keystore
Give alias-name : androiddebugkey
storepass and keypass : android.

I have developed lib to Add Google SignIn option in your app with just few lines of code. Try HiGoogle- Google SignIn Made Easy
Use Web application as server_client_id not Android application. Pass it in the HiGoogle constructor.