How to Add SHA-1 & SHA-256 to Firebase for Phone Auth ?

If you’re using Firebase Phone Authentication in your Android app, Firebase needs to verify your app’s identity through SHA-1 and SHA-256 certificate fingerprints. These keys are essential to ensure secure communication between Firebase and your mobile app—especially for Google Sign-In and OTP verification.

In this step-by-step guide, you’ll learn:

  • What SHA keys are
  • How to find SHA-1 & SHA-256 in Android Studio or terminal
  • How to add them to your Firebase project

🧠 What are SHA-1 and SHA-256?

SHA (Secure Hash Algorithm) keys are unique signatures generated from your app’s signing certificate.
Firebase uses them to verify that the app making a request is genuinely your app.

  • SHA-1: Needed for Google Sign-In, Phone Authentication, and Dynamic Links
  • SHA-256: Needed for Firebase App Check, Google Play Integrity API, and enhanced security

🛠️ Step-by-Step: How to Get SHA-1 and SHA-256 Fingerprints


✅ Option 1: Using Android Studio (Easiest)

  1. Open your project in Android Studio
  2. Click on Gradle tab (right panel)
  3. Expand: :app > Tasks > android > signingReport
  4. Double-click signingReport

In the output window (at the bottom), you will see entries like:

SHA1: A1:B2:C3:D4:...
SHA-256: 1A:2B:3C:...

🔐 These keys will appear for both debug and release builds.


✅ Option 2: Using Terminal or Command Line

Run the following command:

./gradlew signingReport

Or on Windows:

gradlew signingReport

Make sure you’re in the root directory of your Android project.


🧩 Step-by-Step: Add SHA Keys to Firebase Console

  1. Go to Firebase Console
  2. Select your project
  3. Navigate to: Project Settings > General > Your apps > Android App
  4. Click Add Fingerprint
  5. Paste your SHA-1 or SHA-256
  6. Click Save

⚠️ After saving, re-download the google-services.json file and place it in your /app directory if needed.


📞 Enable Phone Authentication in Firebase

To use Phone Number OTP authentication:

  1. Go to Firebase Console
  2. Click Authentication > Sign-in Method
  3. Enable Phone
  4. Save changes

You can also add test phone numbers for debugging.


🔄 Pro Tip: Use Release Keystore for Production

For production APKs, generate SHA keys using your release keystore:

keytool -list -v -keystore path-to-keystore -alias your-key-alias -storepass password -keypass password

⚠️ Common Errors & Fixes

ErrorSolution
Firebase OTP not sentMissing SHA-1 key in console
App not verifying after OTPIncorrect or missing google-services.json
Build fails after adding keysSync Gradle and clean build

Adding your app’s SHA-1 and SHA-256 to Firebase is non-negotiable for enabling secure phone authentication and other advanced Firebase features. Without them, OTP services, Google sign-ins, and backend verification simply won’t work.

Now that you’ve learned how to extract and add these keys, your Firebase authentication setup will be smooth and secure!

Was this guide helpful for your Android + Firebase setup?
Leave a comment below if you faced any issues—we’re here to help developers build secure apps! 🔐📱

4 thoughts on “How to Add SHA-1 & SHA-256 to Firebase for Phone Auth ?”

  1. Hello,
    I developed a chat app in android studio, and added SHA1 and SHA256. it works on my mobile to send otp, but when i create APK file, and click to send otp, it shows error,
    `this app is not authorized to use firebace authentication. Please, verify correct package name and SHA1 are configured in firebase console. (a safty net token was passed, but no matching SHA256 was registered firebase console. Please make sure that this application’s package name/SHA256 pair is registered in the firebace console.’
    I check package name is correct and SHA1
    & SHA256 pasted.
    what is problem there. Please help me.

    Reply
  2. Pingback: com.google.firebase.auth.FirebaseAuthException: This request is missing a valid app identifier, meaning that neither SafetyNet checks nor reCAPTCHA checks succeeded. Please try again, or check the logcat for more details - Lynxbee, Embedded, Linux, Androi
  3. hi , I try to learn flutter and firebase , I have a problem with app check service in firebase, when I set SHA-256 and click to save it , firebase give a notification about :an error occurred when accepting terms of service, how can find why I faced this error

    Reply

Leave a Comment