Google SignIn API Exception 10

Asked 23/3, 2018 at 12:53 Answered 16/5 at 17:45

Solved java android google-signin googlesigninaccount

Approaching to the final stage of the authentification, but something is going wrong in handleSignInResult method. It returns Exception code 10 (Developer error) in logs. Google provides comprehensive description:

The application is misconfigured. This error is not recoverable and will be treated as fatal. The developer is an idiot...

What should I do to handle this (get an account) and finally retrive values from account?
Thank you in advance for your help!!!

MainActivity:

package ru.podgorny.carcall;

import ...

public class MainActivity extends AppCompatActivity {

        SignInButton signInButton;
        public static final int RC_SIGN_IN = 07;
        public static final String TAG = "MainActivity";
        TextView tw1;
        TextView tw2;


        GoogleSignInOptions gso;
        GoogleSignInClient mGSC;


        @Override
        protected void onCreate (Bundle savedInstanceState){
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        Log.d(TAG, "Activity Works");
        findViews();

            gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                    .requestEmail()
                    //.requestProfile()
                    .build();

            mGSC = GoogleSignIn.getClient(this, gso); //smth with mGSC variable....

             View.OnClickListener onClickListener = new View.OnClickListener() {
                @Override
                public void onClick(View v) {
                    onClick2(v);
                }
            };
             signInButton.setOnClickListener(onClickListener);




    }

    private void findViews() {
            Log.d (TAG, "findViews started");
        signInButton = findViewById(R.id.idButtonGoogle);

        tw1 = findViewById(R.id.textView1);
        tw1 = findViewById(R.id.textView2);

        Log.d(TAG, "Views finded");


    }

    public void onClick2(View view) {
            Log.d(TAG, "onClick started");
        switch (view.getId()) {
            case R.id.idButtonGoogle:
                signIn();
                break;
        }
        Log.d(TAG, "OnClick Started");
    }

    public void signIn() {

        Intent signInIntent = mGSC.getSignInIntent();
        startActivityForResult(signInIntent, RC_SIGN_IN);
        Log.d(TAG, "startActivityForResult works");

    }

    @Override
    public void onActivityResult(int requestCode, int resultCode, Intent data) {
        super.onActivityResult(requestCode, resultCode, data);
        Log.d(TAG, "OnActivityResult started");
        // Result returned from launching the Intent from GoogleSignInClient.getSignInIntent(...);
        if (requestCode == RC_SIGN_IN) {
            // The Task returned from this call is always completed, no need to attach
            // a listener.
            Log.d(TAG, "TASK started");
            Task<GoogleSignInAccount> task = GoogleSignIn.getSignedInAccountFromIntent(data);
            handleSignInResult(task);
            Log.d(TAG, "OnActivityResult returned");
        }
    }

    private void handleSignInResult(Task<GoogleSignInAccount> completedTask) {
        try {
            GoogleSignInAccount account = completedTask.getResult(ApiException.class);//ERROR -- Code 10
            Log.d(TAG, "Account received");


            updateUI(account);
            Log.d(TAG, "updateUI Launched");
        } catch (ApiException e) {

            Log.w(TAG, "signInResult:failed code=" + e.getStatusCode());
            updateUI(null);
        }
    }

    private void updateUI(GoogleSignInAccount account) {
            if (account!=null) {
                tw1.setText("OK");
                tw2.setText("Name: " + account.getGivenName() + ", Family name: " + account.getFamilyName() + ", Email: " + account.getEmail() /*+ " image: " +
                        account.getPhotoUrl()*/);
            }else {
                tw1.setText("SMTH wrong");
            }

        }

}

Limey answered 23/3, 2018 at 12:53 Comment(0)

This error might happen if you are not using same project at console.developers.google and console.firebase.google.com. If project is same at both console make sure you have add your SHA1 Key properly. Get SHA1 from Android studio.

Open Android Studio
Open your Project
Click on Gradle (From Right Side Panel, you will see Gradle Bar)
Click on Refresh (Click on Refresh from Gradle Bar, you will see List Gradle scripts of your Project)
Click on Your Project (Your Project Name form List (root))
Click on Tasks
Click on Android
Double Click on signingReport (You will get SHA1 and MD5 in Run Bar(Sometimes it will be in Gradle Console))
Select app module from module selection dropdown to run or debug your application   You also need to get google-services.json from firebase console and put into your project.

Jabe answered 23/3, 2018 at 13:33 Comment(5)

I don't understand step 9. What do I do with the signingReport output ? – Tan 5/3, 2021 at 15:34

If you use Play App Signing, make sure to use SHA1 from its certificate, not your debug or release keystore – Burgenland 22/6, 2021 at 3:47

Google should add a note where they accept "SHA-1 certificate fingerprint". The current tip to use keytool is not valid anymore. For those still looking, go to Play Console > Setup > App Integrity > App Signing. There you will find the SHA-1 certificate fingerprint. – Caritta 3/5, 2023 at 7:38

@PrasadDeZoysa I still get error code 10 after I added another Android OAuth client to the cloud console with the correct app package name and the SHA1-fingerprint from Google play console. The sign in is working when running a debug build and even a release build (signed with our keystore) on a device/emulator. But when uploading an aab to Google Play internal test, I get this error 10. Do you have any idea what else could be wrong? Thanks in advance! – Prader 5/5, 2023 at 15:16

never mind, I just found out that there is a separate SHA-fingerprint section for internal testing Google Play Console, so I had to add another OAuth client ID in cloud console, now it is working – Prader 5/5, 2023 at 20:43

I landed into the same problem and wasted hours. On digging deeper into OAuth and OpenId, I figured out the reason. We are doing a conceptual error here.

For android or any other platform (except web), you need to create at least two types of client id in the same project of google API console. These Client ID types are:

Web Application
Android

You can create them in any order. While creating Android type Client Id, you need to give package name and SHA1. While creating Web Application Id, you just need to give a name.

You don't need to do anything with any of these id's further until you want to verify the user at your backend. In other words, if you want your backend server to ask google server about this user's information, then only you would need Web Application Id. The conceptual flow is as follows:

First send Web Application Client Id from Android App to Google Sign-in Server as an additional option using requestIdToken(your_web_app_client_id).
You will get back a token in Android app upon user's sign in.
Send this token to your backend.
Now your backend can exchange this token with Google Servers to get user's information

Send this Web Appplication Client Id from Android App to backend server.

Use this Web Application Id if you want to verify user at your backend.

Convention answered 11/12, 2019 at 22:41 Comment(3)

thx man i solved this problem, i send cliendID but android and must be clientID web application – Coverall 28/10, 2020 at 5:30

That's what solved it for me! I thought only the web key was being used as that's what you send in the request. And couldn't figure out why it was working on my environment and not on my colleague's! – Israelisraeli 24/6, 2021 at 10:47

I was using wrong id instead of your_web_app_client_id – Thirza 1/7, 2021 at 16:30

This Problem can be solved by using WebApplication ID and android Client ID

When ever you configure the project to generate id for android app , it generates 2 types of ids 1 Android 2 WebApplication ,

We need to use 2nd one (web oAuth id) and not the 1st one , it will be resolving your issue

Roughdry answered 4/3, 2021 at 7:55 Comment(3)

It works. very weird thing from google though. – Nibelung 7/2, 2022 at 20:11

this shoudl come on top – Undercroft 12/6, 2023 at 4:56

Yes, It's working. It's confusing which client ID should be used. Most of them make mess it up with Android client and web client – Merozoite 27/2 at 16:28

The answer for me was that you actually need to combine the two main answers given here:

Make sure that you created Google OAuth client ids for Android (one for Debug and one for release) and then assure that they have assigned the right SHA1 as described in the accepted answer.

Then you also need to create an OAuth client ID for Web and use that one for the actual SignIn:

GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
    .requestIdToken(WEB_CLIENT_ID)
    .requestEmail()
    .build();

Aramaic answered 13/11, 2020 at 20:6 Comment(4)

Have you tried this in production? It works with debug, but when publishing to app store using release apk, it gives the error again – Kroll 16/4, 2021 at 9:7

@DIRTYDAVE As far as I know, this should work. You can check the code here: github.com/johannesjo/super-productivity-android/blob/master/… and download the app here: github.com/johannesjo/super-productivity/releases – Aramaic 16/4, 2021 at 10:51

Thanks hugo, using the web application one is working for me in production. Google makes it so confusing I may have looked through 20+ questions on this GoogleSignIn issue... – Kroll 25/4, 2021 at 12:9

It gives error when you upload bundle to app store. Where to add sh1 generated by play store? – Courtier 26/10, 2023 at 4:46

Another source of this error is adding applicationIdSuffix to your Build Variants (Flavors) in the gradle file. If you had everything working and suddenly when adding flavors the Google Sign In broke, check this configuration variable.

The applicationIdSuffix parameter might require a unique certificate for each suffix. I simply removed it because I didn't need to deploy different products or releases yet. Also, you can set the same configuration for each flavor programmatically.

Configure certificates build types: Force to use same certificate to sign different "buildTypes" that are configured for a particular "productFlavor"?

Malicious answered 14/7, 2020 at 14:14 Comment(0)

I've found another source of the problem.

In my case the keys were alright, but applicationId field in build.gradle script differed from app's package name.

Small research showed that applicationId field value takes some kind of "precedence" before app's package name conserning Google autentication.

After commenting applicationId line in build.gradle, app autenticates itself in Google by package name.

Rounce answered 6/11, 2020 at 14:3 Comment(0)

I fixed this problem by this way

 GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                .requestIdToken(getString(R.string.AUTH_ID))
                .requestEmail()
                .build();

where my AUTH_ID is

Ryley answered 20/11, 2020 at 17:59 Comment(0)

This solution assumes that the root cause of your problem is that you are debugging and in that case the fingerprints of the app are different than the final production builds. To over come that:

Add your debug.keystore's SHA1 and SHA256 fingerprint to your Firebase project with these steps:

Obtain the debug.keystore's fingerprints: Linux/Mac - keytool -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore, Windows - keytool -list -v -alias androiddebugkey -keystore %USERPROFILE%\.android\debug.keystore
Add these fingerprint's to your Firebases project's Android app section: https://support.google.com/firebase/answer/9137403?hl=en

Nehemiah answered 18/7, 2020 at 4:8 Comment(0)

Option: then keep in mind that google also signs the app with the another certificate. So, you need to add the 2nd fingerprints as well. Otherwise, you will receive this error.

Brundage answered 28/7, 2020 at 9:4 Comment(2)

This was my exact problem. I was going crazy thinking what the hell was wrong. – Reginaldreginauld 26/10, 2020 at 13:5

@NongthonbamTonthoi Hi, Where should i check for another certificate. – Indolent 16/12, 2021 at 12:11

I paste the release keystore sha1 to google console, but forget add debug config !!

Diacaustic answered 6/5, 2021 at 9:18 Comment(0)

Make sure you use Web Client ID from https://console.cloud.google.com and not Android client. Even if it is mentioned Web application in Type column: enter image description here

Karlakarlan answered 21/10, 2021 at 17:59 Comment(0)

I would like to add Supplemental Information as to Why @Patrick R answer (above works/marked as correct). To execute your project/practice, Google Console needs to ID your app via SHA-1 key when its distributed on Google Play Market, However, when your are simply experimenting with Login confirmation and Proof Of Concept, then it associates the debug SHA-1 key (your app automatically generates this) for this exact purpose, keeping your testing and production changes modular.

Unstop answered 16/5, 2018 at 3:0 Comment(0)

Try adding .requestIdToken(getString(R.string.default_web_client_id)).

    GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
            .requestIdToken(getString(R.string.default_web_client_id)) //add this line
            .requestEmail()
            .build();

Manxman answered 7/8, 2020 at 16:27 Comment(2)

i have added all this but still i get this error i have added in firebase also – Arhat 4/10, 2020 at 13:36

Did you update your google-services.json after adding SHA 1 to firebase? – Manxman 5/10, 2020 at 14:14

Had same issue. Code 10 in signed apk. I put all the four keys from Google Play Console (Setup -> App integrity -> Play App Signing) to Firebase project and pasted new Google-services.json in app folder in Android Studio and then after generating Signed Apk, Google sign in worked.

Poirier answered 14/3, 2021 at 4:28 Comment(1)

Thanks @Syed Umair. This solution works for me – Hutment 29/3, 2021 at 9:13

atleast on the debug version, i didnt send any token and it worked... ie,no 'requestIdToken' in GoogleSigninOptions.build()

It may not work in Release...will try ..

Cavalierly answered 4/11, 2021 at 3:28 Comment(0)

I had the same issue and non of the answers above worked for me:

If you get error code 10 that means for sure that you have a SHA problem. My solution was to go to the Firebase project, Settings Overview (top left cornet) -> Click on the Settings icon -> Project Settings. There, General tab will be first selected and you have to scroll down to SDK setup and configuration, select the Android app and make sure you enter the same SHA1/256 key that you've entered on the Google Cloud Platform when you've configured your OAuth consent screen and the credentials.

Hope this helps you too. Cheers!

Clarindaclarine answered 16/6, 2022 at 18:54 Comment(1)

of-course you have to complete setup project in google console – Alterant 16/6, 2022 at 19:58

Press "Sync Project with Gradle files."

Halsy answered 1/12, 2022 at 9:52 Comment(0)

In my case, the package parameter was missing from my AndroidManifest.xml, causing the SHA-1 to be generated incorrectly. Once adding the correct package, regenerating the SHA-1, and adding it to Firebase, things are working as expected.

Westwardly answered 13/3, 2023 at 15:27 Comment(0)

In my case I set google sign-in up from a Google Cloud project. I set up the OAuth Consent Screen then manually added a Oauth 2.0 Client ID. Went through all the steps SHA1 and package and one client ID generated and I was trying to use this in the project.

What fixed it was instead setting up a new Firebase project with the SHA 1 from keystore and package name declared in manifest. Then in Firebase console: Authentication -> Sign-in method -> Add Google. Download updated google-services.json. Finally go to associated Google Cloud project (auto generates from new firebase project) APIs & Services -> Credentials. If Google auth is set up in Firebase you will see two OAuth 2.0 Client IDs. One is Android Client, the other is Web client. Copy the Web application Client ID and use this as the serverClientId when creating the GoogleSignInOptions.

Trig answered 15/2 at 18:17 Comment(0)

I had it with Google login with Firebase Auth.

Using the Terminal:

Open the Terminal in Android Studio.

Type ./gradlew signingReport and press Enter.

The SHA-1 key will be shown in the terminal

I have added that key to Firebase Console as fingerprint under Android app.

Reddish answered 16/5 at 17:45 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags