20

I'm using Google SignIn and then authenticate on Firebase using signInWithCredential, passing the Google credentials.

I followed all the procedures, and everything was working! And suddenly it stops working. I went to a previous working code and it still fails. So it seems something happened with the database configuration.

In Firebase DB I already checked:

  • DB is up and running. As a fact I can read when not logged (as I have defined by rules)
  • Sign-in method for Google is still ENABLED
  • My App is still registered the project configuration, including their SHA1 signature (for debug and release version)
  • I have confirmed the google-services.json file downloaded from configuration still match my app json file

After Google login finish Ok, the error message is as follows as I get from my try-catch with task.getException in the listener:

com.google.firebase.FirebaseException: An internal error has occurred. [ Invalid Idp Response: the Google id_token is not allowed to be used with this application. Its audience (OAuth 2.0 client ID) is XXXXX-XXXXX.apps.googleusercontent.com, which is not authorized to be used in the project with project_number: XXXXX. ]
     at com.google.android.gms.internal.zzago.zzew(Unknown Source)
     at com.google.android.gms.internal.zzagl$zzg.zza(Unknown Source)
     at com.google.android.gms.internal.zzagw.zzex(Unknown Source)
     at com.google.android.gms.internal.zzagw$zza.onFailure(Unknown Source)
     at com.google.android.gms.internal.zzagr$zza.onTransact(Unknown Source)
     at android.os.Binder.execTransact(Binder.java:453)

(I changed my project info to XXXX)

What else could have changed in the Firebase configuration? Please help!

Edit: SOLVED, as described below. You need to also take a look at the Google API console at https://console.developers.google.com/apis/credentials

Ariel Perez
  • 301
  • 1
  • 2
  • 7
  • Update: Email/password is working without problem. Everything is working except authentication with Google token. – Ariel Perez Nov 07 '16 at 01:48
  • Does the number in the client ID match with the project number in that error message? I am guessing not, in which case either: the id token is generated from a different app than expected, or its for a different firebase project than expected. You mention the SHA1 is registered - is there any chance another key is being used to sign it? – Ian Barber Nov 15 '16 at 00:06
  • @IanBarber Thanks. I found I can not add the SHA1 certificate fingerprint to the firebase project. It says it is used in another project. I checked and remover everywhere but still the same message. So now this is the problem I need to solve, that I assume is causing the problem. I followed the following link: https://support.google.com/firebase/answer/6401008 – Ariel Perez Nov 22 '16 at 13:32
  • 1
    SOLVED!! Not sure why, but the web client configuration had been changed. What I did not know is that the firebase console does not have all the information you need, but you also need to check the Google API Console, in order to work with Google Login: https://console.developers.google.com/apis/credentials – Ariel Perez Dec 04 '16 at 06:29

2 Answers2

36
  1. You have to create Web-client Oauth 2.0 id here https://console.developers.google.com . After that you will have client id and secret
  2. Open https://console.firebase.google.com and goto Authentication -> Sign-in method -> Google -> Web SDK configuration and use client id and secret you have got on the step 1. in Web client ID & Web client secret.
Min2
  • 10,751
  • 2
  • 19
  • 22
alexflom
  • 361
  • 3
  • 6
  • 1
    This is exactly what I needed to do. Thanks! – Matthew Rideout Feb 01 '18 at 17:34
  • I found that Firebase had already created a google project for me automatically. Inside that project was clientIds and secrets for ios, android and web. – plumpNation Nov 04 '18 at 12:11
  • Check the clientId and secret with the web sdk configuration found in the Firebase Console -> Your project -> Authentication -> Sign-in Method -> Google. – plumpNation Nov 04 '18 at 12:37
  • This is the real answer. Im using Expo and couldnt get it to work until making a Web Client Id with this – Leon Jun 08 '20 at 04:54
  • This saved my day! – helloWorld Jul 11 '20 at 13:42
  • oh my god i was trying to fix this for hours because it worked on android but not on chrome. thank you so much – jksevend Mar 06 '21 at 13:19
  • In my case, I had added a new web app that resulted in the Google Web SDK configuration to be auto updated. I had to go to https://console.cloud.google.com/apis/credentials Manually create a OAuth2.0 Client creds for type "Web application" and update the Firebase > Auth > Google > Web SDK config with these new values. – skangayam May 24 '21 at 00:21
4

Sounds like your sign-in methods have changed. You need to go into the firebase authentication page and make sure that google sign in is still allowed.

Go to Firebase Console -> Authentication -> Sign-in method and in the sign in providers make sure that Google is enabled.

Also, you can do:

Get your web client ID and take note of both the client ID and secret.

Input this Client ID into your Firebase project’s configuration:

Go to the Firebase console at https://console.firebase.google.com Open the Auth section Under Sign-In methods, open the Google configuration, and add the values under the Web SDK configuration section.

develop1
  • 747
  • 1
  • 10
  • 32
  • Thanks for your reply. As I said I checked the Firebase DB status. The four points described, including "Sign-in method for Google is still ENABLED". And what is very important is that everything was working. By the way, the email/password approach is still working. No problem with that. The problm is just the Authentication with the Google token. As I understand everything related to web configuration is for web client applicatio and I'm not interested by now to use or try these options. Thanks again – Ariel Perez Nov 07 '16 at 01:47