Google Sign In error 12500

Question

I am trying to integrate Google Sign In into my app. I don't have a back-end server, I am just getting the details of the logged on Google Account to my app.

I first tried it by using Google Sign In Example but I got an error (No code changes made except for printing the stacktrace below). I just used the example SignInActivity as I don't have a back-end server.

 Exception com.google.android.gms.common.api.ApiException: 12500: 
 at com.google.android.gms.common.internal.zzb.zzz(Unknown Source)
 at com.google.android.gms.auth.api.signin.GoogleSignIn.getSignedInAccountFromIntent(Unknown Source)
 at com.ewise.android.api.MainActivity.onActivityResult(SignInActivity.java:89)     at android.app.Activity.dispatchActivityResult(Activity.java:7010)
 at android.app.ActivityThread.deliverResults(ActivityThread.java:4187)
 at android.app.ActivityThread.handleSendResult(ActivityThread.java:4234)
 at android.app.ActivityThread.-wrap20(ActivityThread.java)
 at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1584)
 at android.os.Handler.dispatchMessage(Handler.java:102)
 at android.os.Looper.loop(Looper.java:154)
 at android.app.ActivityThread.main(ActivityThread.java:6316)
 at java.lang.reflect.Method.invoke(Native Method)
 at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:872)
 at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:762)

Code

 public class SignInActivity extends AppCompatActivity implements
         View.OnClickListener {

     private static final String TAG = "SignInActivity";
     private static final int RC_SIGN_IN = 9001;

     private GoogleSignInClient mGoogleSignInClient;
     private TextView mStatusTextView;

     @Override
     protected void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
         setContentView(R.layout.activity_main);

         // Views
         mStatusTextView = findViewById(R.id.status);

         // Button listeners
         findViewById(R.id.sign_in_button).setOnClickListener(this);
         findViewById(R.id.sign_out_button).setOnClickListener(this);
         findViewById(R.id.disconnect_button).setOnClickListener(this);

         // [START configure_signin]
         // Configure sign-in to request the user's ID, email address, and basic
         // profile. ID and basic profile are included in DEFAULT_SIGN_IN.
         GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                 .requestEmail()
                 .build();
         // [END configure_signin]

         // [START build_client]
         // Build a GoogleSignInClient with the options specified by gso.
         mGoogleSignInClient = GoogleSignIn.getClient(this, gso);
         // [END build_client]

         // [START customize_button]
         // Set the dimensions of the sign-in button.
         SignInButton signInButton = findViewById(R.id.sign_in_button);
         signInButton.setSize(SignInButton.SIZE_STANDARD);
         signInButton.setColorScheme(SignInButton.COLOR_LIGHT);
         // [END customize_button]
     }

     @Override
     public void onStart() {
         super.onStart();

         // [START on_start_sign_in]
         // Check for existing Google Sign In account, if the user is already signed in
         // the GoogleSignInAccount will be non-null.
         GoogleSignInAccount account = GoogleSignIn.getLastSignedInAccount(this);
         updateUI(account);
         // [END on_start_sign_in]
     }

     // [START onActivityResult]
     @Override
     public void onActivityResult(int requestCode, int resultCode, Intent data) {
         super.onActivityResult(requestCode, resultCode, data);

         // Result returned from launching the Intent from GoogleSignInClient.getSignInIntent(...);
         if (requestCode == RC_SIGN_IN) {
             // The Task returned from this call is always completed, no need to attach
             // a listener.
             Task<GoogleSignInAccount> task = GoogleSignIn.getSignedInAccountFromIntent(data);
             handleSignInResult(task);
         }
     }
     // [END onActivityResult]

     // [START handleSignInResult]
     private void handleSignInResult(Task<GoogleSignInAccount> completedTask) {
         try {
             GoogleSignInAccount account = completedTask.getResult(ApiException.class);

             // Signed in successfully, show authenticated UI.
             updateUI(account);
         } catch (ApiException e) {
             // The ApiException status code indicates the detailed failure reason.
             // Please refer to the GoogleSignInStatusCodes class reference for more information.
             Log.w(TAG, "signInResult:failed code=" + e.getStatusCode());
             e.printStackTrace();
             updateUI(null);
         }
     }
     // [END handleSignInResult]

     // [START signIn]
     private void signIn() {
         Intent signInIntent = mGoogleSignInClient.getSignInIntent();
         startActivityForResult(signInIntent, RC_SIGN_IN);
     }
     // [END signIn]

     // [START signOut]
     private void signOut() {
         mGoogleSignInClient.signOut()
                 .addOnCompleteListener(this, new OnCompleteListener<Void>() {
                     @Override
                     public void onComplete(@NonNull Task<Void> task) {
                         // [START_EXCLUDE]
                         updateUI(null);
                         // [END_EXCLUDE]
                     }
                 });
     }
     // [END signOut]

     // [START revokeAccess]
     private void revokeAccess() {
         mGoogleSignInClient.revokeAccess()
                 .addOnCompleteListener(this, new OnCompleteListener<Void>() {
                     @Override
                     public void onComplete(@NonNull Task<Void> task) {
                         // [START_EXCLUDE]
                         updateUI(null);
                         // [END_EXCLUDE]
                     }
                 });
     }
     // [END revokeAccess]

     private void updateUI(@Nullable GoogleSignInAccount account) {
         if (account != null) {
             mStatusTextView.setText(getString(R.string.signed_in_fmt, account.getDisplayName()));

             findViewById(R.id.sign_in_button).setVisibility(View.GONE);
             findViewById(R.id.sign_out_and_disconnect).setVisibility(View.VISIBLE);
         } else {
             mStatusTextView.setText(R.string.signed_out);

             findViewById(R.id.sign_in_button).setVisibility(View.VISIBLE);
             findViewById(R.id.sign_out_and_disconnect).setVisibility(View.GONE);
         }
     }

     @Override
     public void onClick(View v) {
         switch (v.getId()) {
             case R.id.sign_in_button:
                 signIn();
                 break;
             case R.id.sign_out_button:
                 signOut();
                 break;
             case R.id.disconnect_button:
                 revokeAccess();
                 break;
         }
     }
  }

From what I read, the issue could be caused by SHA1 Generation.

I followed the complete guide but apparently it's not working.

I copied the SHA1 from gradle signingReport

Variant: debug
Config: debug
Store: /Users/user/.android/debug.keystore
Alias: AndroidDebugKey
MD5: A3:16:3F:43:75:FE:07:62:6D:8D:CC:DD:21:9F:FA:1A
SHA1: 7B:21:26:7F:D8:18:BB:0E:36:1C:82:DD:B7:28:5F:C1:2F:5C:E4:EA
Valid until: Saturday, August 31, 2047
----------
Variant: release
Config: none
----------
Variant: debugAndroidTest
Config: debug
Store: /Users/user/.android/debug.keystore
Alias: AndroidDebugKey
MD5: A3:16:3F:43:75:FE:07:62:6D:8D:CC:DD:21:9F:FA:1A
SHA1: 7B:21:26:7F:D8:18:BB:0E:36:1C:82:DD:B7:28:5F:C1:2F:5C:E4:EA
Valid until: Saturday, August 31, 2047
----------
Variant: debugUnitTest
Config: debug
Store: /Users/user/.android/debug.keystore
Alias: AndroidDebugKey
MD5: A3:16:3F:43:75:FE:07:62:6D:8D:CC:DD:21:9F:FA:1A
SHA1: 7B:21:26:7F:D8:18:BB:0E:36:1C:82:DD:B7:28:5F:C1:2F:5C:E4:EA
Valid until: Saturday, August 31, 2047

what could be the possible cause of this?

Thanks

P.S. Could this be a possible cause?

Google Play services out of date.  Requires 11720000 but found 10932470

Answer 1

Error PlatformException(sign_in_failed, com.google.android.gms.common.api.ApiException: 12500: , null)

This 12500 Error can be solved by adding a support email address to your project in project settings. Open link https://console.firebase.google.com/

Select Your project and open settings tab.

Provide a valid support email and restart your application now.

Answer 2

Check if SHA-1 fingerprints are added to the firebase project settings. If not,find SHA-1 fingerprint using

https://developers.google.com/android/guides/client-auth

Also, find the SHA-1 fingerprint of release key using

keytool -list -v -keystore <keystore path>

Remove <keystore path> with the path of the key store.

Then add both SHA-1 fingerprints to firebase projects settings.

NB: Don't forget to replace google-services.json with updated google-services.json with new fingerprints. I lost two days on that.

While debug

Android studio automatically generate ~/.android/debug.keystore on first debug build and use it to sign the app.

To get the SHA-1 run (password android) (doc):

keytool -exportcert -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore

This SHA-1 should be added to the app settings at firebase to allow usage of google sign in capabilities while testing debug build.

Answer 3

Support email and also all project and privacy links are necessary for Google SignIn to work, otherwise it throws 12500.

Set it on https://console.developers.google.com/apis/credentials on the bottom of second tab named "OAuth consent screen" - there you'll find three links that need to be configured.

This is not mentioned ANYWHERE in the Firebase guides.

Answer 4

for error 12500 You need to add support gmail in settings of firebase only and for error 10 add ssh fingerprint in firebase console as you see in picture

Answer 5

Simply update your Google Play Services to the latest version (or 11720000 in this case). If you are using AVD, Nexus 5 and 5X images support Google Play. Once the emulator is up and running, go to the Extended Controls Menu > Google Play then update.

Answer 6

Try updating the OAuth consent screen on https://console.developers.google.com/apis/credentials

Answer 7

I was stuck of this for a while.

Make sure these step are performed-

• Correct SHA key is saved on Firebase Console.
• Download the latest google-service.json
• And Last and most important Save OAuth consent under credentials in google api, OAuth Screen This took a long to figure out. And it worked fine after this.

Answer 8

Seems your SHA1 is overwritten by Google play store. Check in your google play store, launch panel, under app signing, see if google play has an additional SHA1 added.

And copy that SHA1, add to your relevant place, would do the job.

Answer 9

Enable Google Sign in method works for me -Authentication->Sign-in method->google

Answer 10

1. Enable Sign-in method GOOGLE.** (not necessary)

2. Open the project settings.

3. Provide email for support.

Answer 11

In my case, the issue was that my emulator did not have Play Store. I have made the emulator (named API 23) through Visual Studio, because I develop using Xamarin.Forms as well, and in Visual Studio's Android Device Manager you can select if your emulator should have Google Play Store.

Had to create an emulator through Android Studio's AVD and ensure that it had Play Store:

Answer 12

If there's still anyone out there with a similar issue, if you're adding custom scopes, make sure it's a valid scope. In my case, I mixed Facebook scopes with Google scopes and took me a while to figure it out!

Answer 13

I think the error came from the Wrong SHA1. Please don't forget that the SHA1 is different between release and debug mode in the android studio. Instead of using keytool to get the SHA1, you can use Gradle project -> Task -> android -> signingReport in the android studio (can open it by menu View -> Toolwindow -> gradle ) to get release and debug SHA1. After that, for easy working, you need to create 2 separate credentials with two SHA1 on google cloud console (google just instruct to create 1 using release SHA1, when we develop it will not work since it uses the debug SHA1).

Answer 14

I'm using Firebase Authentication. My SHA-1 was indicated correctly, client id was also correct but I still was getting 12500.

It turned out that my problem was that I didn't indicate Support email in my project settings. (Settings -> General tab -> Your project (Public settings) section).

Answer 15

In my case, this error was there because android auth was removed by senior team as it seems there's no need of android key in backend authentication. So both Android and Web client keys are needed in google login.

Answer 16

Go to your project in the Firebase console, open Project Settings, add your SHA certificate fingerprints there. Download the updated google-services.json file and add it to your Projects app folder.

This worked for me.

Answer 17

First make sure you registered your app in the google developers console

Make sure you have both the debug and release keys in your Firebase application. If it this error appears in production, add your SHA-1 release key to fire base app. If it appears in development, then add your SHA-1 debug key.

Getting the debug/release key:

keytool -exportcert -list -v -alias [your alias] -keystore [path/to/debug or release.keystore]

Make sure to download the updated google-services.json to your app.

Answer 18

If you are coming here from flutter : This is one of the corner cases we have to fix as per the documentation here : https://pub.dev/packages/google_sign_in

• Go to Google APIs & Sevices
• Select the app you want to implement google signin In to.
• Then click on Enable APIS and Services

• Then Search for Google Peoples API

• Open the Google People API card and click enable, your app might get rid of the issue.

Answer 19

I tried all of the answers and still was getting 12500. It turned out that the solution for me was even simpler - my project has User Type set to internal and I was trying to log in with email outside of my company. So if none of the previous answers work for you, check if you have User Type set to internal or external and if you try to log in with acceptable account.

Answer 20

For me the problem was using a 'release' ClientID with my debug-configured app. Make sure you have a release and a debug keys, using each SHA-1's respectively.

Answer 21

When your app authenticates with a backend server or accesses Google APIs from your backend server, then you must pass the OAuth 2.0 client ID that was created for your server to the requestIdToken method when you construct the GoogleSignInOptions object, for accessing the user's basic profile information. Also, don't forget to submit the support email in the OAuth consent screen found in the Credentials page in the API Console.

Answer 22

After I tried all solutions above and nothing has worked. I found that I am requesting scope that is not mentioned in the cloud. These is my code

final GoogleSignIn googleSignIn = new GoogleSignIn(
    scopes: [
      'https://www.googleapis.com/auth/userinfo.email',
      'https://www.googleapis.com/auth/userinfo.profile',
      'https://www.googleapis.com/auth/openid',
      'https://www.googleapis.com/auth/youtube.force-ssl'
    ]);

After I removed all scopes, it worked.

My scopes section was empty:

Scopes tab can be found here: https://console.cloud.google.com/apis/credentials/consent/edit

Answer 23

It can also happen that the cordova compiler is unable to find the proper keystore file.

Solution: Before executing ionic cordova build android specify the signing properties

Step-1: Generate a debug keystore file

Execute the command

keytool -exportcert -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore

Use password: android

Step-2: Copy the keystore file(debug.keystore) from ~/.android to platform/android directory of your current project

Step-3: Create a file named release-signing.properties in the platform/android directory

Step-4: Add the contents in the file

storeFile=debug.keystore
keyAlias=androiddebugkey
storePassword=android
keyPassword=android

Note: These are the default values. If you have provided custom alias and password then use them accordingly.

Step-5: Now build ionic cordova build android

Answer 24

I experienced the same problem after opening my project on another computer (different Android Studio). In my case, I solved it using the Firebase Assistant, which I had used to setup Firebase initially. Opened the Firebase Assistant (Tools > Firebase) and selecting Authentication > Connect. This reconnected the project to Firebase and updated the configs

Answer 25

I was stuck in the Google Login issue since 2 week, finally sorted it well .let me explain the reason. The issue was related with firebase. In firebase , they mentioned a field "support email " as optional . But once i added it (any of your personal email) ,the issue sorted and i got the response . If your getting an error as 12501 , then it is related to settings in your google account.

Answer 26

I was stuck of this for a while.

Make sure these step are performed-

Correct SHA key is saved on Firebase Console.
Valid reversed client id.
from fcm console=>select app=>from authentication=>enable google sign-in method

Answer 27

I know it seems silly but I had this error in my emulator and the issue was resolved when I booted up an emulator that had Google Play API's installed.

Answer 28

In my case, it's because of the wrong Google Client Id. I change my key to the key listed in google-services.json (under oauth_client object)

Answer 29

Make sure you have following things set up properly:

1. Generate Client Id in your Google Project.
2. Provide proper SHA-1 key for that Client Id. (debug / release)
3. Provide proper package name for that Client Id.
4. Make sure you have generated Client Id in strings.xml, google-services.json or credentials.json file.

Answer 30

https://developers.google.com/identity/sign-in/android/sign-in follow this api documentation but keep in mind that inside WEB_CLIENT_ID use the value of client id which is generated inside google-services.json file.

class MainActivity : AppCompatActivity(), GoogleApiClient.OnConnectionFailedListener {
private val TAG = "JSAGoogleSignIn"
private val REQUEST_CODE_SIGN_IN = 1234
private val WEB_CLIENT_ID = "354298333018-XXXXXXXXXXXXXXXXXXXXXXX.apps.googleusercontent.com"
private var mAuth: FirebaseAuth? = null

private var mGoogleApiClient: GoogleApiClient? = null
override fun onCreate(savedInstanceState: Bundle?) {
    super.onCreate(savedInstanceState)
    setContentView(R.layout.activity_main)
    var txt_register = findViewById<TextView>(R.id.txt_register)
    txt_register.setOnClickListener {
        var intent = Intent(this@MainActivity, RegisterActivity::class.java)
        finish()
        startActivity(intent)
    }
    val gso = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
            .requestIdToken(WEB_CLIENT_ID)
            .requestEmail()
            .build()
    mGoogleApiClient = GoogleApiClient.Builder(this)
            .enableAutoManage(this /* FragmentActivity */, this /* OnConnectionFailedListener */)
            .addApi(Auth.GOOGLE_SIGN_IN_API, gso)
            .build()

    mAuth = FirebaseAuth.getInstance()
    sign_in_button.setOnClickListener {
        val intent = Auth.GoogleSignInApi.getSignInIntent(mGoogleApiClient)
        startActivityForResult(intent, REQUEST_CODE_SIGN_IN)
    }

}


override fun onConnectionFailed(p0: ConnectionResult) {
    TODO("not implemented") //To change body of created functions use File | Settings | File Templates.
}


private fun updateUI(user: FirebaseUser?) {
    if (user != null) {
        Log.e("Email", "Value" + user.email)
    }

}

fun signIn() {

}

override fun onStart() {
    super.onStart()
    val currentUser = mAuth!!.currentUser
    updateUI(currentUser)
}

public override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
    super.onActivityResult(requestCode, resultCode, data)

    // Result returned from launching the Intent from GoogleSignInClient.getSignInIntent(...);
    if (requestCode == REQUEST_CODE_SIGN_IN) {
        val result = Auth.GoogleSignInApi.getSignInResultFromIntent(data)
        if (result.isSuccess) {
            // successful -> authenticate with Firebase
            val account = result.signInAccount
            firebaseAuthWithGoogle(account!!)
        } else {
            // failed -> update UI
            updateUI(null)
            Toast.makeText(applicationContext, "SignIn: failed!" + result.status,
                    Toast.LENGTH_SHORT).show()
        }
    }
}

private fun firebaseAuthWithGoogle(acct: GoogleSignInAccount) {
    Log.e(TAG, "firebaseAuthWithGoogle():" + acct.id!!)

    val credential = GoogleAuthProvider.getCredential(acct.idToken, null)
    mAuth!!.signInWithCredential(credential)
            .addOnCompleteListener(this) { task ->
                if (task.isSuccessful) {
                    // Sign in success
                    Log.e(TAG, "signInWithCredential: Success!")
                    val user = mAuth!!.currentUser
                    updateUI(user)
                } else {
                    // Sign in fails
                    Log.w(TAG, "signInWithCredential: Failed!", task.exception)
                    Toast.makeText(applicationContext, "Authentication failed!",
                            Toast.LENGTH_SHORT).show()
                    updateUI(null)
                }
            }
}

Answer 31

In my case, After adding fingerprint in Firebase console, it got automatically picked up by the Google developer console and shown the fingerprints. But sign in did not work. After looking at every step, I figured that Google reversed my manifest file package like this com.xxxxxxxx.app. But it is actually app.xxxxxxxx.com, in Google developer console. So I deleted auto created a fingerprint and added fingerprint with the correct package name. BOOM!!. It worked.

Answer 32

The error appeared to me when the Google option was not enabled, as shown in image.

It happened when I changed Google's account and forgot to turn on the option of connecting with Google.

Answer 33

Make sure your project should not contain any special character including numeric or any kind of symbol(project name should be simple as com.google.testproject)

Answer 34

In my case I was working on a non-production app, the issue was that when creating a project in firebase console, there were issues synchronizing SHA-1 keys back and forth from Firebase & Google developer consoles. So, I decided to create the project first on the Google Developer console, and then select it when creating a new project on Firebase console.

I also made a tutorial for this, that may help you.

Answer 35

I was facing a similar issue,updating the support email and the OAuth consent screen form didn't work, however adding the Google Play Store App signing key certificate to the Firebase Console Worked:

1. Copy the App Signing Key from the Google Play Console(Setup -> App Integrity -> App Signing)

Notice that these keys were randomly generated and are not my project's keys.

2. Add the Keys to Firebase console.

Answer 36

I think everyone should start debugging by running this before building a release or a debug versions of apps.

flutter clean

everytime you change google-services.json or AndroidManifest.xml files

Nothing worked before I ran this command

Flutter official doc also mention this

 Note: You may need to run flutter clean after changing the gradle file. This prevents cached builds from affecting the signing process.

https://docs.flutter.dev/deployment/android#configure-signing-in-gradle

EDIT: I made it work in both production or development envs. After few days of testing, I encounter this issue again and I was testing different versions of apps installing and uninstalling and upgrading all that stuff. I could not fix it with anything but running flutter clean again.

Answer 37

If you have your SHA-1 ready within in your Firebase project settings, you can test your application using a Physical device instead of using an Emulator.

Answer 38

What you probably know is that you need to add the debug and release sign in keys of your flutter android app to the Firebase project.

You find the debug key by doing this from your project folder:

stephanedeluca@Angelantonio2019:~/development/OlenPEPS-mobile$ cd android
stephanedeluca@Angelantonio2019:~/development/OlenPEPS-mobile/android$ ./gradlew signingReport
Starting a Gradle Daemon, 1 incompatible Daemon could not be reused, use --status for details

> Task :app:signingReport
Variant: debug
Config: debug
Store: /Users/stephanedeluca/.android/debug.keystore
Alias: AndroidDebugKey
MD5: 4B:7A:AA:...:61:C7
SHA1: 17:B3:67:...:59:EA
SHA-256: DE:2A:E0:...:F1:45
Valid until: jeudi 6 août 2043
----------
Variant: release
Config: release
Store: /Users/stephanedeluca/upload-keystore.jks
Alias: upload
MD5: FC:CD:...:FD:3C
SHA1: D5:F3:...:6A:26
SHA-256: 77:7A:...:67:3F
Valid until: dimanche 26 septembre 2049
----------

As you can see, the debug SHA key sits at the very beginning of the log. Copy it.

Now, go to your Firebase project on the Web and open project settings like so:

Scroll down to the keys and tap add and paste the debug key.

Now for the release version: *do not take the one listed at release section: Play store use its own key.

So get to the Play store console and head to the App integrity section as follows; copy the SHA1:

Now add it to Firebase the same way you did with the debug key.

And voilà!

Answer 39

My solution: (edit: 04/Jan/2019)

Answer 40

Try this options:

keytool -list -v -keystore C:\Users\MG\Desktop\test.jks -alias test

It prompts for password and just enter password. You can see the SHA1, MD5 fingerprints.