Keywords: Google Sign-In | Firebase Authentication | SHA1 Fingerprint | Android Development | OAuth2 Configuration
Abstract: This article provides an in-depth analysis of common Google sign-in integration errors in Android applications, specifically ApiException: 10 and UNREGISTERED_ON_API_CONSOLE. Through detailed examination of Firebase authentication workflows, it focuses on SHA1 fingerprint configuration issues and offers comprehensive solutions from certificate generation to console setup. With code examples and best practices, it helps developers彻底解决authentication configuration errors.
Problem Background and Error Analysis
When integrating Google sign-in functionality in Android applications, developers frequently encounter two critical error messages: com.google.android.gms.common.api.ApiException: 10 and UNREGISTERED_ON_API_CONSOLE. These errors typically indicate issues with OAuth2 configuration, particularly mismatches between SHA1 certificate fingerprints and Firebase console settings.
From a technical perspective, ApiException: 10 corresponds to the DEVELOPER_ERROR status code, signaling developer configuration issues. UNREGISTERED_ON_API_CONSOLE more specifically indicates incorrect registration information in the API console. These errors often occur together, with the root cause being improperly configured SHA1 fingerprints of the application signing certificate in the Firebase project.
Detailed SHA1 Fingerprint Configuration
The SHA1 fingerprint serves as the identity credential for Android applications, used by Google services to verify application authenticity. Incorrect configuration leads to authentication failures. Below is the proper configuration process:
First, obtain the application's SHA1 fingerprint. For debug builds, use the following command:
keytool -list -v -keystore ~/.android/debug.keystore -alias androiddebugkey -storepass android -keypass androidFor release builds, use the corresponding signing keystore:
keytool -list -v -keystore your_keystore.jks -alias your_alias_nameAfter obtaining the fingerprint, configure it correctly in the Firebase console. Navigate to project settings, select the Android app, and add the obtained SHA1 value in the SHA certificate fingerprints section. Common mistakes here include:
- Using the wrong keystore (confusing debug and release)
- Incorrect fingerprint format
- Failure to save changes in Firebase
Firebase Project Integration Setup
Beyond SHA1 configuration, ensure proper association between Firebase projects and Google API console. Follow these key steps:
In the Firebase console, go to project settings and select the "Integrations" tab. Locate the Google Play section and click the "Link" button. This step ensures Firebase recognizes app signing certificates distributed through Google Play.
For developers using Google Play App Signing,特别注意: You must add the SHA1 fingerprint from the "App signing certificate" displayed in Google Play Console to Firebase, not the local signing certificate fingerprint. Find this in Google Play Console under "Release" → "Setup" → "App integrity".
Code Implementation and Verification
Proper configuration must be accompanied by appropriate code implementation. Below are key code snippets for Google sign-in integration, demonstrating correct GoogleSignInClient initialization:
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestEmail()
.requestIdToken(getString(R.string.web_client_id))
.build();
mGoogleSignInClient = GoogleSignIn.getClient(this, gso);Handle login responses in onActivityResult:
Task<GoogleSignInAccount> task = GoogleSignIn.getSignedInAccountFromIntent(data);
try {
GoogleSignInAccount account = task.getResult(ApiException.class);
// Handle successful login
firebaseAuthWithGoogle(account);
} catch (ApiException e) {
Log.w(TAG, "Google sign in failed", e);
// Handle error
}A simple method to verify configuration correctness is checking whether the google-services.json file matches the current build variant. Ensure the file contains correct package names and SHA1 fingerprints.
Common Issue Troubleshooting
If errors persist after following the above steps, try these troubleshooting methods:
First, clear application data and cache, then reinstall the application. Sometimes old configuration information caches cause issues.
Second, verify OAuth2 client ID configuration. Ensure the Android client ID in Google Cloud Console has correct package name and SHA1 fingerprint configuration. Web client ID is used for requestIdToken calls, but Android client ID configuration is equally important.
Finally, check network connectivity and Google Play Services version. Ensure devices have the latest Google Play Services installed and can access Google servers normally.
Best Practice Recommendations
To avoid configuration errors, adopt these best practices:
Configure SHA1 fingerprints for all environments (development, testing, production) early in project development. Use build variants or flavors to manage different environment configurations.
Regularly verify configurations, especially when updating signing keys or changing package names. Establish configuration checklists to ensure all authentication-related configurations are validated before each release.
Consider using Firebase App Distribution for testing, which helps verify Google sign-in functionality on real devices without publishing to Google Play.
Through systematic configuration management and verification processes, you can significantly reduce configuration errors in Google sign-in integration, improving development efficiency and application stability.