Google Sign In throws an exception com.google.android.gms.common.api.ApiException: 12500

Question

I have a simple application written in Android, where I want to do Google Sign and then Firebase Authentication. I copy paste the code from official page.

val gso = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
    .requestIdToken(getString(R.string.default_web_client_id))
    .requestEmail()
    .build()

if (requestCode == REQUEST_CODE_GOOGLE_SIGN_IN) {
    val task = GoogleSignIn.getSignedInAccountFromIntent(data)
    try {
        // Google Sign In was successful, authenticate with Firebase
        val account = task.getResult(ApiException::class.java)
        firebaseAuthWithGoogle(account.idToken!!)
    } catch (e: ApiException) {
        // Google Sign In failed, update UI appropriately
        Log.w("aaa", "Google sign in failed", e)
        // ...
    }
}

But this simple code is throwing an exception com.google.android.gms.common.api.ApiException: 12500:

What is an issue, I checked online sources everyone is saying add support email, add application icon, but to add application icon I need to go through the OAuth verification process, which asks a lot of data which I currently do not have as I just started to develop my application, please help I am trying to solve this issue already for 48 hours.

I think it's a duplicate of this question: https://stackoverflow.com/questions/64587610/google-sign-in-throws-an-exception-com-google-android-gms-common-api-apiexceptio — gildor, Oct 29 '20 at 08:49
@ViktorApoyan I think this [answer](https://stackoverflow.com/questions/51360250/firebase-ui-authentication-with-google-fails-with-message-code10-message10/51360406) will help. — Alex Mamo, Oct 29 '20 at 10:38
@AlexMamo but my question would be, why the app is not working when I am deploying it from the Android Studio? because at least it was working before I uploaded it to play store — Viktor Apoyan, Oct 29 '20 at 11:00
Sorry, this is correct link - https://stackoverflow.com/questions/47632035/google-sign-in-error-12500 — gildor, Oct 30 '20 at 09:04
@gildor the link which you suggested I checked it is not fixing the issue for me — Viktor Apoyan, Nov 03 '20 at 07:20

Ben Butterworth · Accepted Answer · 2020-11-10T10:40:11.463

5

because at least it was working before I uploaded it to play store

Problem (a feature called Play App Signing)

It seems like the Google Play Store is signing your app instead of you, so Firebase detects a different signing key, and prevents authentication. Re-signing apps is a Google Play Store feature, and preventing apps signed by signing keys which you haven't verified from authenticating with Firebase is a Firebase feature.

Solution

Go to Google Play Store Console → Setup → App Signing → App signing key certificate, copy the SHA-1 certificate fingerprint.

Then go to Firebase Console → Project Settings → Your Apps → Add Fingerprint → and paste the SHA1.

What you are doing

Telling Firebase to accept authentication requests generated from an app signed by the key handled by Google Play Store. It previously only accepted requests from an app signed by your locally signed app, where the key is stored on your computer.

Copy SHA-1 from here:

Paste SHA-1 as a fingerprint here:

edited Nov 10 '20 at 10:40

answered Nov 09 '20 at 03:14

Ben Butterworth

22,056
10
114
167

I just realised, because these are fingerprints, revealing the numbers in my screenshot won't matter in terms of security, so I didn't need to hide them. – Ben Butterworth Nov 09 '20 at 03:21
Hey, @Ben I will try the suggested solution today and let you know if it works or not, but I already did that and it doesn't work, also I think you forgot to mention that I need to download a new google-service.json file. or it is not required? – Viktor Apoyan Nov 10 '20 at 10:00
Hey @ViktorApoyan, I forgot about that as I haven't done this in a while :D. It's probably better if you update that file, as it does contain the fingerprints. Not sure if the google services plugin will actually use it, so you could first try without updating this file, and see if it works. – Ben Butterworth Nov 10 '20 at 10:38
I would expect the signature is validated on the server side, not from the Google services json file. However, there might be initial validation on client side. – Ben Butterworth Nov 10 '20 at 10:41
Hi @Ben, actually I solved the problem by adding to firebase another application, as my application is using a multi-modular approach I have several modules, authentication, core, etc, basically, the issue was that firebase knows only about my authentication module, after adding the app to the firebase, the error 12500 disappeared, and yes you were right there was no need to update `google-services.json` file. – Viktor Apoyan Nov 11 '20 at 08:54
but after this now I am facing another issue the `account.idToken` is returning null, do you have an idea why? – Viktor Apoyan Nov 11 '20 at 08:54
I think there is more information needed to answer this (some code). Maybe you can double check the user account was created/ exists. https://firebase.google.com/docs/reference/android/com/google/firebase/auth/FirebaseUser#public-taskgettokenresult-getidtoken-boolean-forcerefresh – Ben Butterworth Nov 11 '20 at 11:05
1

WOW-took me 3 days to figure this out. Tried 20 other things - but this was the answer. Menu item is now changed from "App Signing" to "App Integrity" – Jared Green Sep 06 '21 at 20:37