Obtaining configuration information
Before getting your hands dirty with code, some configuration needs to be taken care of. Be patient, this is the most complex part of the setup.
Configuration information obtained in this guide is used in later steps of the setup and in the configure()
call: 1 or 2.
You do not need Firebase to configure Google Sign In. However, if you use it, it's a little easier to set up the sign in experience because Firebase gives you one file to download and put into your project.
Android
Follow the 2 steps below to set up Google Sign In for your Android app.
Completing this guide is crucial for Google Sign-In to work on Android. If not done correctly, you will get the infamous DEVELOPER_ERROR
error (how to troubleshoot it).
Step 1: Obtain SHA-1 certificate fingerprints
You probably use multiple signing configurations for your Android app - for example for building debug and release APKs locally or building on Expo EAS. Then there's the Play App Signing for store deployments - while the Google Play Store does not rebuild your app, it may re-sign it using one of its own signing configurations.
First, you need to obtain the SHA-1 certificate fingerprints for all of these signing configurations using the instructions below. Then, use all of those SHA-1 hashes in Step 2 below.
- When releasing via Google Play Store
- When using Expo EAS
- When developing locally
Check if "Google Play App Signing" is enabled for your app in the console. If it is enabled, you need to take the following steps:
- In Google Play Console, navigate to: <Your App> -> Release section (in the left sidebar) -> Setup -> App Signing.
- Under the "App signing key certificate" and also "Upload key certificate", take note of
SHA-1 certificate fingerprint
. That's a total of two or more fingerprints (Play Store sometimes has more than one "App signing key certificate"!).
If you use Expo EAS, run eas credentials
to obtain
the Keystore information, which includes the SHA-1 fingerprint. See EAS
credentials
docs
to learn more.
- From your project root,
cd android && ./gradlew signingReport
. - Scroll to the top of output, see the fingerprints. Debug fingerprint is used for debug apk, release fingerprint is used for release APK.
Step 2: Add SHA-1 hashes to Firebase or Google Cloud Console
Using all of the SHA-1 fingerprints obtained in the previous step, follow the instructions below.
- When using Firebase
- When not using Firebase
- Sign in to Firebase Console and open your project.
- Ensure that in the "Authentication" menu, "Google" is enabled as "Sign-in method".
- Click the settings icon and go to "Project settings".
- Scroll down to "Your apps" section, and select the app.
- Click "Add fingerprint".
- Check that "Package name" is correct.
- Download the
google-services.json
file.
Create an OAuth Client ID of type Android in Google Cloud Console for each of the SHA-1 fingerprints you obtained - see the screenshot below.
Alternatively, use this wizard.
You will NOT need the created IDs later - the only goal here is for them to be created in the Google Cloud Console.
iOS
Read below on how to set up Google Sign In for your iOS app.
- When using Firebase
- When not using Firebase
- Sign in to Firebase Console and open your project.
- Ensure that in the "Authentication" menu, "Google" is enabled as "Sign-in method".
- Click the settings icon and go to "Project settings".
- Scroll down to "Your apps" section, and select the app.
- Check that "Bundle ID" is correct.
- Download the
GoogleService-Info.plist
file.
Remember that all created client IDs can be found in the Google Cloud Console.
Obtain the "iOS OAuth Client ID" and "iOS URL scheme" (also known as reversed client id
): Create an OAuth Client ID of type iOS in Google Cloud Console. Alternatively, use this wizard.
You will need the iOS Client ID and iOS URL scheme later.
Web Client ID
For some use cases, a Web Client ID is needed (provided to the configure()
call). To obtain a Web Client ID, go to Google Cloud Console and find an existing one (it may have been already created by Firebase) or create a new OAuth Client ID of type Web.
Summary
At the end of this guide, regardless of whether you use Firebase, when you visit Google Cloud Console, you should have in the "OAuth 2.0 Client IDs" section:
- Android OAuth Client ID(s) with SHA-1 fingerprints
- iOS OAuth Client ID(s) with iOS URL scheme
- Web Client ID