Firebase Auth: Requests from this Android client application com.xxx are blocked

Question

I'm implementing the standard tutorial for Firebase AuthUI in my android app. However, when testing I try to sign-in using Google sign-in from within the app and get the following exception:

com.google.firebase.FirebaseException: An internal error has occurred. 
[ Requests from this Android client application com.xxx are blocked. ]

The app displays the "Google SmartLock" banner as if it's signing me in, but then disappears and in the logcat I see the error above.

I verified that my SHA-1 certificate fingerprints for both debug and release are in the Firebase console. I've been using them for some time in this app so I know they are correct.

I have enabled both Google sign-in and email sign-in on the Firebase Auth Console. I've tried both email/google sign-in and both processes begin but fail with the same exception. I have also downloaded and used a new google-services.json file -- no change.

The application name is correct. Why are they blocking me? Has anyone had any luck contacting firebase support?

Here's a snippet from build.gradle:

api 'com.android.support:support-v4:27.1.1'
api 'com.android.support:appcompat-v7:27.1.1'
api 'com.android.support.constraint:constraint-layout:1.1.2'
api 'com.google.firebase:firebase-storage:16.0.1'
api 'com.google.firebase:firebase-core:16.0.1'
api 'com.google.android.gms:play-services-maps:15.0.1'
api 'com.google.android.gms:play-services-location:15.0.1'
api 'com.google.android.gms:play-services-ads:15.0.1'
api 'com.google.code.findbugs:jsr305:3.0.2'
api 'com.google.apis:google-api-services-storage:v1-rev68-1.21.0'
implementation 'com.firebaseui:firebase-ui-storage:0.6.0'
implementation 'com.firebaseui:firebase-ui-auth:4.0.0'
testImplementation 'junit:junit:4.12'

Logcat:

/com.x.x W/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzal@13ca6fd
/com.x.x D/FA: Logging event (FE): user_engagement(_e), Bundle[{firebase_event_origin(_o)=auto, engagement_time_msec(_et)=12629, firebase_screen_class(_sc)=PhotoActivity, firebase_screen_id(_si)=-1316627329056180637}]
/com.x.x D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_previous_class(_pc)=PhotoActivity, firebase_previous_id(_pi)=-1316627329056180637, firebase_screen_class(_sc)=KickoffActivity, firebase_screen_id(_si)=-1316627329056180636}]
/com.x.x D/FA: Connected to remote service
/com.x.x D/FA: Logging event (FE): user_engagement(_e), Bundle[{firebase_event_origin(_o)=auto, engagement_time_msec(_et)=1312, firebase_screen_class(_sc)=KickoffActivity, firebase_screen_id(_si)=-1316627329056180636}]
/com.x.x D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_previous_class(_pc)=KickoffActivity, firebase_previous_id(_pi)=-1316627329056180636, firebase_screen_class(_sc)=SingleSignInActivity, firebase_screen_id(_si)=-1316627329056180635}]
/com.x.x D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_previous_class(_pc)=SingleSignInActivity, firebase_previous_id(_pi)=-1316627329056180635, firebase_screen_class(_sc)=SignInHubActivity, firebase_screen_id(_si)=-1316627329056180634}]
/com.x.x W/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzal@13ca6fd
/com.x.x D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_previous_class(_pc)=SignInHubActivity, firebase_previous_id(_pi)=-1316627329056180634, firebase_screen_class(_sc)=SingleSignInActivity, firebase_screen_id(_si)=-1316627329056180635}]
E/Volley: [23564] BasicNetwork.performRequest: Unexpected response code 403 for https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyAssertion?alt=proto&key=[key]
E/Volley: [23564] BasicNetwork.performRequest: Unexpected response code 403 for https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyAssertion?alt=proto&key=[key]
I/AuthChimeraService: Error description received from server: Requests from this Android client application com.x.x are blocked.

/com.x.x E/AuthUI: A sign-in error occurred.
com.google.firebase.FirebaseException: An internal error has occurred. [ Requests from this Android client application com.x.x are blocked. ]

Good question. Yes I have. Email and Google sign-in are enabled. The sign-in process begins but fails. When I try to sign-in using email, I get the same exception when I submit my email/password. — pldenc44, Aug 20 '18 at 07:01
i have done many projects using `Firebase` so i dont think its something from their end, can you please share the code of `build.gradle` file and firebase console where you enter your apps `package name` — Abdul Kawee, Aug 20 '18 at 07:05
I added the package name and dependencies from build.gradle. My package name does have two capital letters in it from back when that was supported. That hasn't been an issue with Firebase in the past. — pldenc44, Aug 20 '18 at 07:11
thats a totally strange behavior, try generating new json file from console and replace it with the current one then check if its good or not — Abdul Kawee, Aug 20 '18 at 07:28
Can you post all logs after selecting "No Filters" and "Verbose"? — Kruti Parekh, Aug 20 '18 at 08:10
Okay, the logs show that server returns 403 response code. This response code is returned in case when the client is forbidden for the request. Moreover, the logs suggest that package name is an issue. Can you please confirm that firebase console package name and `applicationId` value in app level gradle file is same? — Kruti Parekh, Aug 20 '18 at 09:40
Firebase package name from settings: com.encdata.OceanTemperature. ApplicationID in build.gradle is the same: com.encdata.OceanTemperature. My Application ID is camelcase since it was created before I knew what I was doing years ago. The package in Android is the same but all lowercase. I wonder if this is an issue. It's been ok in firebase up to this point. — pldenc44, Aug 21 '18 at 04:06

score 30 · Accepted Answer · answered Aug 21 '18 at 05:09

30

The Google Cloud API key I was using was restricted to android with my package name, but only the production SHA-1 certificate fingerprint was given, not the debug key. I added the debug key's SHA-1 certificate along with the package name so that both production and debug certificates appear in the "Application Restrictions" for the key and it worked. Apparently being "blocked" by firebase means your API key may be restricted improperly.

answered Aug 21 '18 at 05:09

pldenc44

748
1
6
14

3

In my case, the released apps were giving this issue and I had to go to the console and put "None" for Application Restrictions. Even though I had used the release SHA. – ousanmaz Aug 01 '19 at 16:24
@ousanmaz where is this option? – Dpedrinha Nov 27 '19 at 22:36
@ousenmaz See https://stackoverflow.com/a/49464848/8014724 if you are using app bundles. – DanD Jan 27 '20 at 17:22

score 16 · Answer 2 · answered Nov 20 '18 at 13:01

16

I just faced the same problem today and fortunately solved the problem. I still don't have any idea why this was happening but here are the steps I had taken to solve :

Delete the already added SHA-1 signing-certificate fingerprint in the Firebase console settings.
Go to android studio and Sync Project with Gradle Files.
Add SHA-1 signing-certificate fingerprint again to the Firebase Console Settings.

Here is how you can add SHA-1 signing-certificate fingerprint to firebase : CLICK HERE

answered Nov 20 '18 at 13:01

Dipayan Ray

497
3
10

1

I didn't find step 2 necessary, all I needed to do was to delete the SHA-1 certificate and add it right back in. It worked. Very strange. Does firebase enforce some kind of expiry period on signing certificates? – kip2 Mar 04 '20 at 17:54
1

I didn't believe it would make a difference, as I already had the valid SHA-1 key configured in Firebase. However I can confirm, that for me at least, deleting this key and adding it again solved this problem for me. – eddyoc May 09 '20 at 06:52

score 13 · Answer 3 · answered Dec 22 '19 at 19:15

I noticed that for some reason on my Google Credentials API Key restriction, my SHA-1 fingerprint wasn't included.

To find your API Key, go to console.cloud.google.com/apis/credentials?project=. Or go to the console.cloud.google.com -> Click on the hamburger icon on the top left -> APIs and Services -> Credentials

Choose the API Key that you're using. -Under "App Restrictions", choose "Android Apps" (If you're build an Android app for example) -Under "Restrict usage to your Android apps", Click "Add an item" -Enter your package name and your SHA-1 Fingerprint

To know how to find your SHA-1 Fingerprint, LINK

The signingReport task may be under Gradle(on the right vertical band) app -> tasks -> android

API Key Restrictions!!!!!!!!!!!! Problem solved! thank you – Power Coding Jan 23 '22 at 01:42 — Power Coding, Jan 23 '22 at 01:42

score 6 · Answer 4 · answered Sep 26 '20 at 19:42

6

If you are published app to google play store and then show this error:

[ Requests from this Android client application com.x.x are blocked. ]

Here a solution to solve your problem very easily.

Open google play console -> https://play.google.com/apps/publish
Got to your specific app which app show error.
Then go Setup -> App signin
And finally you got your SHA-1 certificate fingerprint

To find your SHA-1 certificate fingerprint, go to console.cloud.google.com/apis/credentials?project. Or go to the console.cloud.google.com -> Click on the hamburger icon on the top left -> APIs and Services -> Credentials. And change your all SHA-1 certificate fingerprint.

answered Sep 26 '20 at 19:42

mAhmedSiddiki

113
1
2
7

1

This solved my problem. – Black_Rider Sep 30 '21 at 15:54
1

Thanks. You save my time. I was looking for solve finally I fount it. – Riaz Mahmud Dec 25 '21 at 09:47
1

Thanks a lot! In my case, I also had to add the SHA-1 and SHA-256 keys in my app's "SDK setup and configuration" on Google console – FrizzTheSnail Jul 06 '22 at 14:40

score 6 · Answer 5 · answered Jan 06 '21 at 16:58

6

For anyone else who might be facing this problem, it is possible that you are using Internal App Sharing on the Play console, with Google signing enabled. If so, you may have forgotten to add their debug SHA-1 key to your firebase console.

Pretty hard to debug, or find an answer, so I'm hoping I've added all the right keywords to help the next guy.

answered Jan 06 '21 at 16:58

Sedge

151
1
3

This worked for me! Inside Google Play Console: 1. Go to "Setup" > "App integrity" 2. Find "App signing key certificate" > "SHA-1 certificate fingerprint" – vzshi Feb 24 '21 at 03:18

score 4 · Answer 6 · answered Jul 27 '21 at 23:41

Our app was working correctly in production for many months and then we started running into this same error recently (July 2021) after upgrading the Firebase SDK's to the latest version.

We found the solution in the Firebase Phone Auth Docs which state:

If a user has a device with Google Play Services installed, and Firebase Authentication can verify the device as legitimate with Android SafetyNet, phone number sign-in can proceed.

As the docs suggest, the solution was to go to the Android Device Verification API and enable the API for our project in Google Cloud.

BEFORE (not working)

AFTER (working)

After making that change, all of our phone number sign-in / sign-up functionality started working again almost instantly.

score 2 · Answer 7 · answered Dec 09 '20 at 15:27

I've had this problem and looked left and right for a solution. Turns out, in my case at least, that you actually need to go the Credentials screen in the Google Cloud Platform and there you'll find this:

Restrict usage to your Android apps Add your package name and SHA-1 signing-certificate fingerprint to restrict usage to your Android apps

There you can ADD NEW ITEM, meaning your application package and its SHA-1 signature. Then you won't have this problem anymore (assuming the rest of the configuration is done). My app had its key restricted for Android apps and this step was a necessary one.

Same problem here. Glad you figured it out. – pldenc44 Dec 10 '20 at 18:02 — pldenc44, Dec 10 '20 at 18:02

score 2 · Answer 8 · answered Nov 12 '21 at 16:11

I tried everything described here but nothing helped after wasting many hours. Adding sha1 key from app Google Play App Signing didn't help.

Then I turned off "Android key (auto created by Firebase)" restrictions and everything started working again.

Still don't know how to keep key restricted but firebase working.

score 2 · Answer 9 · answered Dec 17 '22 at 01:57

2

You can follow these steps
console.cloud.google.com

if you project not selected, then select your project

then select credentials and select your api key which one is restricted

then select none or you can give restriction by your sha1

answered Dec 17 '22 at 01:57

Rasel Khan

2,976
19
25

score 1 · Answer 10 · answered Aug 27 '20 at 12:09

I also appeared in same problem, when I changed platform for my Project. Even I added SHA-1 key to firebase console it was not working. After I checked in Google cloud platform (console.cloud.google.com) with my project name. I show that Auto generated API key does not contains my new SHA-1 key. so I updated it manually by adding project's package name and SHA key and it works.

score 1 · Answer 11 · edited Aug 14 '21 at 15:29

1

I fixed this error by putting the two SHA-1s of google play console in firebase and the google cloud console plus the debugging SHA-1 for both. Here I hope this will help you.

edited Aug 14 '21 at 15:29

Eric Aya

69,473
35
181
253

answered Aug 14 '21 at 14:36

doctor who

11
2

score 1 · Answer 12 · answered Aug 19 '21 at 20:19

After following most of the other answers, I could not get it to work for either the Google Play Store or debug versions. I seemingly checked everything logical, and nothing made a change.

If nothing works, I suggest simply creating a new Firebase project, depending on how much trouble it is causing you it will be much faster. At leasts test right away with a new Firebase project if it works. If it works with the new Firebase project, then you know that it is not related to your code, but your Firebase project configuration.

score 0 · Answer 13 · answered Jul 13 '20 at 10:31

In my case:

If you are using Google Play App Signing, just login into Firebase go into "project settings"->"integration" and press a button to link Google Play with firebase, SHA-1 will be added automatically. Download and change your new google-services.json

If you keep having problems, go to Google Cloud API, click on the hamburger icon on the top left -> APIs and Services -> Credentials. Choose the API Key that you're using. Under restrictions, select "None".

score 0 · Answer 14 · edited Mar 04 '21 at 17:48

0

In my case I followed these to encounter this problem:

First I deleted SHA-1 & SHA - 256 keys.
Build my Gradle.
Added FirebaseApp.initializeApp(this); in my BAseapp.
Again added my SHA Keys both of them and run my app.
Issue Resolved.

edited Mar 04 '21 at 17:48

ChristianYami

586
1
9
17

answered Mar 04 '21 at 08:13

Hamza Arshad

1

score 0 · Answer 15 · answered Dec 27 '22 at 12:29

I was having the same issue when I changed the android project to a new pc meaning I was now using a new SHA 1 that was being restricted not unless you update it on google cloud console as well as on your firebase cloud console .

To update it on google cloud console go to google cloud - credentials - Android key (auto created by Firebase) - edit Api keys - add and save your new SHA 1.

Firebase Auth: Requests from this Android client application com.xxx are blocked

15 Answers15

Linked