Use same SHA1 Key for another android app for using OAUTH2
3,833 views
Skip to first unread message
Nirmal Bhagwani
Mar 3, 2021, 7:43:44 AM3/3/21
to Firebase Google Group
hello,
We have multiple projects using same sign in key and when we try to add in firebase it gives error of SHA1 key is already being used.
In older projects we see same keys already being used so is it possible to use with help of support or any other way around ?
Thanks,
Thanks,
Nirmal Bhagwani
Kato Richardson
Mar 3, 2021, 10:10:55 AM3/3/21
to Firebase Google Group
Hi Nirmal,
The unique identifier is SHA-1 + package name (a.k.a. bundle id). You cannot reuse those as they uniquely identify an app.
Note that you don't need to configure a SHA-1 if you aren't linking to Google Play or using Google Sign In.
☼, Kato
--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/18c732dd-562e-48ef-b9cc-505760751125n%40googlegroups.com.
Vivek Savsaiya
May 13, 2021, 12:51:15 PM5/13/21
to Firebase Google Group
Hi Kato,
So, What if we have two firebase projects(Staging & Production) that are using same Package Name, and same SHA-1 key.
(We are using Google Sign in + Invites, so SHA-1 must need to set up for both projects),
Thanks
So, What if we have two firebase projects(Staging & Production) that are using same Package Name, and same SHA-1 key.
(We are using Google Sign in + Invites, so SHA-1 must need to set up for both projects),
Thanks
Kato Richardson
May 13, 2021, 1:01:55 PM5/13/21
to Firebase Google Group
Vivek, you cannot use the combination of package/bundle and SHA-1 in multiple projects. The combination of the two is the unique identifier for a given app and all apps need to be unique. You likely don't need the SHA-1 in both as it's not required except for use in Google Sign In (and in some cases in Play and Dynamic Links). For GSI, you can whitelist the OAuth account in both projects so it can be shared and you don't need the SHA-1 specified in both cases.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/76420580-b33f-41e2-9214-f5d5d22596can%40googlegroups.com.
Vivek Savsaiya
May 14, 2021, 4:34:23 AM5/14/21
to Firebase Google Group
So, Does it mean that, even if we whitlist the OAuth Account in both projects, we can use Google Sign In but not the Dynamic Links with two projects (using Same pair) ? (according to this document).
Kato Richardson
May 14, 2021, 11:56:00 AM5/14/21
to Firebase Google Group
I'm not positive what the implications are here for Dynamic Links. I recall that it uses SHA-1 in some capacity, so it's likely impacted. Others may know.
It seems like this is likely an XY problem. A better solution might be to figure out why we're trying to identify two unique apps as the same app, or register the same app in multiple projects. There are likely better solutions that work within the intended design of the platform.
☼, Kato
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/543fdb4d-34d6-4a97-ad30-ce06034e6d86n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages