Home » Android » Android Applications » How to Identify and Add SHA1/SHA-256 Certificates to Firebase Console for Phone Authentication

How to Identify and Add SHA1/SHA-256 Certificates to Firebase Console for Phone Authentication

Firebase provides seamless phone number authentication for Android apps, and adding the correct SHA1 and SHA-256 certificates is essential for the authentication process to work properly. Without these certificates, Firebase won’t recognize the requests made by your app, and features like phone authentication won’t work as expected.

In this step-by-step guide, we will show you how to identify your SHA1 and SHA-256 certificates and how to add them to the Firebase console for your app’s phone authentication. We’ll explain the concepts in simple, human-readable language, providing examples where necessary to help you integrate phone authentication smoothly.


What Are SHA1 and SHA-256 Certificates?

SHA1 and SHA-256 are cryptographic hash functions used to uniquely identify your Android app. These certificates allow Firebase to verify that the request it receives is coming from your app, ensuring security and privacy. When setting up Firebase Phone Authentication, both SHA1 and SHA-256 certificates are needed to sign requests and authenticate users via phone numbers.


Step 1: Identify Your App’s SHA1 and SHA-256 Certificates

There are multiple ways to identify your app’s SHA1 and SHA-256 signatures. We will cover two common methods: using Android Studio and the keytool command.

Method 1: Using Android Studio

If you’re using Android Studio, you can easily find the SHA1 and SHA-256 fingerprints by following these steps:

  1. Open Android Studio and load your project.
  2. Navigate to the Gradle tab on the right-hand side of Android Studio.
  3. In the Gradle tab, expand your project: YourProject > Tasks > android > signingReport.
  4. Double-click on signingReport to run the task.
  5. The SHA1 and SHA-256 fingerprints will appear in the Run tab at the bottom of Android Studio.

Here is what it will look like:

Variant: debug
Config: debug
Store: /path/to/keystore
Alias: androiddebugkey
MD5: A1:B2:C3:D4:E5:F6:G7:H8:I9:...
SHA1: AA:BB:CC:DD:EE:FF:...
SHA-256: 11:22:33:44:55:66:77:88:...

The important pieces of information are the SHA1 and SHA-256 fingerprints, which you will need for Firebase.

Method 2: Using keytool Command

If you prefer using the terminal, you can use the keytool command to obtain the SHA1 and SHA-256 signatures:

  1. Open your terminal or command prompt.
  2. Run the following command to get the SHA1 and SHA-256 fingerprints:
keytool -list -v -keystore /path/to/your/keystore -alias your_key_alias -storepass your_password

Replace /path/to/your/keystore, your_key_alias, and your_password with the correct values for your keystore.

The output will include the SHA1 and SHA-256 certificates:

SHA1: AA:BB:CC:DD:EE:FF:...
SHA-256: 11:22:33:44:55:66:...

Step 2: Add SHA1 and SHA-256 Certificates to Firebase Console

Once you have your SHA1 and SHA-256 certificates, you need to add them to your Firebase project. This step is crucial for enabling Firebase Phone Authentication.

Steps to Add Certificates to Firebase:

  1. Go to the Firebase Console: Firebase Console.
  2. Open your project or create a new project if you haven’t already.
  3. In the Firebase Console, click on the gear icon in the top left corner to access Project Settings.
  4. Scroll down to the Your Apps section and click on your Android App.
  5. Under SHA certificate fingerprints, click on Add Fingerprint.
  6. Enter the SHA1 certificate fingerprint and click Save.
  7. Repeat the process to add the SHA-256 certificate fingerprint.

Once you’ve added both fingerprints, Firebase will authenticate requests coming from your app for features like Phone Authentication.


Step 3: Enable Firebase Phone Authentication

With your SHA certificates added, you can now enable Phone Authentication in Firebase:

  1. In the Firebase Console, go to the Authentication section from the left-hand menu.
  2. Click on the Sign-in method tab.
  3. Scroll down to Phone and click Enable.
  4. Click Save.

Example: Using Firebase Phone Authentication in Your Android App

Here is an example of how to implement Firebase Phone Authentication in your Android app.

  1. Add the required Firebase Authentication dependencies in your build.gradle file:
implementation 'com.google.firebase:firebase-auth:21.0.1'
  1. In your MainActivity.java, initialize Firebase Authentication and start the phone authentication process:
import android.os.Bundle;
import com.google.firebase.auth.FirebaseAuth;
import com.google.firebase.auth.PhoneAuthOptions;
import com.google.firebase.auth.PhoneAuthProvider;
import java.util.concurrent.TimeUnit;
import androidx.appcompat.app.AppCompatActivity;

public class MainActivity extends AppCompatActivity {

    private FirebaseAuth mAuth;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);

        // Initialize Firebase Auth
        mAuth = FirebaseAuth.getInstance();

        // Start phone number verification
        startPhoneNumberVerification("+911234567890");  // Replace with actual phone number
    }

    private void startPhoneNumberVerification(String phoneNumber) {
        PhoneAuthOptions options =
                PhoneAuthOptions.newBuilder(mAuth)
                        .setPhoneNumber(phoneNumber)       // Phone number to verify
                        .setTimeout(60L, TimeUnit.SECONDS) // Timeout duration
                        .setActivity(this)                 // Activity (for callback binding)
                        .setCallbacks(new PhoneAuthProvider.OnVerificationStateChangedCallbacks() {
                            @Override
                            public void onVerificationCompleted() {
                                // Handle verification completion
                            }

                            @Override
                            public void onVerificationFailed() {
                                // Handle verification failure
                            }
                        })
                        .build();
        PhoneAuthProvider.verifyPhoneNumber(options);
    }
}

This code initializes Firebase Authentication and starts phone verification for a given phone number.


Adding your SHA1 and SHA-256 certificates to Firebase is a crucial step when setting up Firebase Phone Authentication. Without these certificates, Firebase cannot securely verify that requests are coming from your app. By following this guide, you can quickly identify your SHA certificates, add them to Firebase, and enable phone authentication to improve your app’s security and user experience.

4 thoughts on “How to Identify and Add SHA1/SHA-256 Certificates to Firebase Console for Phone Authentication”

  1. Hello,
    I developed a chat app in android studio, and added SHA1 and SHA256. it works on my mobile to send otp, but when i create APK file, and click to send otp, it shows error,
    `this app is not authorized to use firebace authentication. Please, verify correct package name and SHA1 are configured in firebase console. (a safty net token was passed, but no matching SHA256 was registered firebase console. Please make sure that this application’s package name/SHA256 pair is registered in the firebace console.’
    I check package name is correct and SHA1
    & SHA256 pasted.
    what is problem there. Please help me.

    Reply
  2. Pingback: com.google.firebase.auth.FirebaseAuthException: This request is missing a valid app identifier, meaning that neither SafetyNet checks nor reCAPTCHA checks succeeded. Please try again, or check the logcat for more details - Lynxbee, Embedded, Linux, Androi
  3. hi , I try to learn flutter and firebase , I have a problem with app check service in firebase, when I set SHA-256 and click to save it , firebase give a notification about :an error occurred when accepting terms of service, how can find why I faced this error

    Reply

Leave a Comment