Collecting configuration information

Before getting your hands dirty with code, some configuration needs to be taken care of. Be patient, this is the most complex part of the setup.

Configuration information collected in this guide is used in later steps of the setup and in the configure() call: 1 or 2.

You do not need Firebase to configure Google Sign In. However, if you use it, it's a little easier to set up the sign in experience because Firebase gives you one file to download and put into your project.

Android

Follow the 2 steps below to set up Google Sign In for your Android app.

danger

Completing this guide is crucial for Google Sign-In to work on Android. If not done correctly, you will get the infamous DEVELOPER_ERROR error (how to troubleshoot it).

Step 1: Collect SHA-1 certificate fingerprints

Your Android app probably uses multiple signing configurations. For example, an app might be signed differently when building debug and release APKs locally or when building on Expo EAS. Then there's the Play App Signing for store deployments — while the Google Play Store does not (re)build your app, it may re-sign it using one of its own signing configurations.

It's extremely common for an app to have three or more signing configurations, each with its own SHA-1 certificate fingerprint.

First, you need to get the SHA-1 certificate fingerprints for all signing configurations using the instructions below. Then, use all of those SHA-1 fingerprints in Step 2 below.

When releasing via Google Play Store

Check if "Google Play App Signing" is enabled for your app in the console. If it is enabled, you need to take the following steps:

1. In Google Play Console, navigate to: <Your App> -> Release section (in the left sidebar) -> Setup -> App Signing.
2. Under the "App signing key certificate" and also "Upload key certificate", take note of SHA-1 certificate fingerprint. That's a total of two or more fingerprints (Play Store sometimes has more than one "App signing key certificate"!).

When using Expo EAS

If you use Expo EAS, run eas credentials to obtain the Keystore information, which includes the SHA-1 fingerprint. See EAS credentials docs to learn more.

When developing locally

1. From your project root, cd android && ./gradlew signingReport.
2. Scroll to the top of output, see the fingerprints. Debug fingerprint is used for locally-built debug apk, release fingerprint is used for release APK.

Step 2: Add SHA-1 fingerprints to Firebase or Google Cloud Console

Using all of the SHA-1 fingerprints obtained in the previous step, follow the instructions below.

When using Firebase

1. Sign in to Firebase Console and open your project.
2. Ensure that in the "Authentication" menu, "Google" is enabled as "Sign-in method".
3. Click the settings icon and go to "Project settings".
4. Scroll down to "Your apps" section, and select the app.
5. Click "Add fingerprint".
6. Check that "Package name" is correct.
7. Download the google-services.json file.

When not using Firebase

Create an OAuth Client ID of type Android in Google Cloud Console for each of the SHA-1 fingerprints you obtained - see the screenshot below.

Alternatively, use this wizard.

You will NOT need the created IDs later - the only goal here is for them to be created in the Google Cloud Console.

---

iOS

Read below on how to set up Google Sign In for your iOS app.

When using Firebase

1. Sign in to Firebase Console and open your project.
2. Ensure that in the "Authentication" menu, "Google" is enabled as "Sign-in method".
3. Click the settings icon and go to "Project settings".
4. Scroll down to "Your apps" section, and select the app.
5. Check that "Bundle ID" is correct.
6. Download the GoogleService-Info.plist file.

When not using Firebase

Remember that all created client IDs can be found in the Google Cloud Console.

Obtain the "iOS OAuth Client ID" and "iOS URL scheme" (also known as reversed client id): Create an OAuth Client ID of type iOS in Google Cloud Console as seen in the screenshot below. Alternatively, use this wizard.

You will need the iOS Client ID and iOS URL scheme later.

---

Web Client ID

To get a Web Client ID (for the configure() call), go to Google Cloud Console and find an existing one (it may have been already created by Firebase) or create a new OAuth Client ID of type Web.

---

Summary

At the end of this guide, regardless of whether you use Firebase, when you visit Google Cloud Console, you should have in the "OAuth 2.0 Client IDs" section:

• Android OAuth Client ID(s) with SHA-1 fingerprints
• iOS OAuth Client ID(s) with iOS URL scheme
• Web Client ID