Obtaining configuration information

Before getting your hands dirty with code, some configuration needs to be taken care of. Be patient, this is the most complex part of the setup.

Configuration information obtained in this guide is used in later steps of the setup and in the configure() call: 1 or 2.

You do not need Firebase to configure Google Sign In. However, if you use it, it's a little easier to set up the sign in experience because Firebase gives you one file to download and put into your project.

Android

Follow the 2 steps below to set up Google Sign In for your Android app.

danger

Completing this guide is crucial for Google Sign-In to work on Android. If not done correctly, you will get the infamous DEVELOPER_ERROR error (how to troubleshoot it).

Step 1: Obtain SHA-1 certificate fingerprints

You probably use multiple signing configurations for your Android app - for example for building debug and release APKs locally or building on Expo EAS. Then there's the Play App Signing for store deployments - while the Google Play Store does not rebuild your app, it may re-sign it using one of its own signing configurations.

First, you need to obtain the SHA-1 certificate fingerprints for all of these signing configurations using the instructions below. Then, use all of those SHA-1 hashes in Step 2 below.

When using Expo EAS

If you use Expo EAS, run eas credentials to obtain the Keystore information, which includes the SHA-1 fingerprint. See EAS credentials docs to learn more.

When developing locally

1. From your project root, cd android && ./gradlew signingReport.
2. Scroll to the top of output, see the fingerprints. Debug fingerprint is used for debug apk, release fingerprint is used for release APK.

When releasing via Google Play Store

Check if "Google Play App Signing" is enabled for your app in the console. If it is enabled, you need to take the following steps:

1. In Google Play Console, navigate to: <Your App> -> Release section (in the left sidebar) -> Setup -> App Signing.
2. Under the "App signing key certificate" and also "Upload key certificate", take note of SHA-1 certificate fingerprint. That's a total of two or more fingerprints (Play Store sometimes has more than one "App signing key certificate"!).

Step 2: Add SHA-1 hashes to Firebase or Google Cloud Console

Using all of the SHA-1 fingerprints obtained in the previous step, follow the instructions below.

When using Firebase

1. Sign in to Firebase and open your project.
2. Ensure that in the "Authentication" menu, "Google" is enabled as "Sign-in method".
3. Click the Settings icon and select Project settings.
4. In the "Your apps" card, select the app you need to add SHA-1 to.
5. Click "Add fingerprint".
6. Check that "Package name" is correct.
7. Download the google-services.json file.

When not using Firebase

Follow the "Create authorization credentials" instructions here to create an "OAuth client ID" of type Android for each of the SHA-1 fingerprints you obtained - see screenshot below.

---

iOS

Read below on how to set up Google Sign In for your iOS app.

When using Firebase

1. Sign in to Firebase Console and open your project.
2. Click the settings icon and go to "Project settings".
3. Scroll down to "Your apps" section, and select the app.
4. Check that "Bundle ID" is correct.
5. Download the GoogleService-Info.plist file.

When not using Firebase

Remember that all created client IDs can be found in the Google Cloud Console.

Obtain the "iOS OAuth Client ID" and "iOS URL scheme" (also known as reversed client id): Create or use an existing OAuth Client ID of type iOS in Google Cloud Console. Alternatively, use this wizard.

You will need the iOS Client ID and iOS URL scheme later.

---

Web Client ID (optional)

For some use cases (offline support, web support), a Web Client ID is needed (provided to the configure() call). To obtain a Web Client ID, go to Google Cloud Console and find an existing one (it may be already created by Firebase) or create a new OAuth Client ID of type Web.