I have updated SHA-1 key to firebase project settings from Google Play console. Also I have added release and debug SHA-1 keys. But still google team can't able to use the app. It is login successfully with testing mobile number and OTP, but after that it will fetch data from firebase database in an activity. At that moment application got crashed. And it is rejected by them again and again.
Kindly help me on this.
We are using firebase phone authentication to authenticate our users. We've been using it for over a year now.
Today at 13:00 GMT, new users are receiving 17028 An invalid safety_net_token was passed after entering their phone number.
I tried to verify each of the causes I found on the firebase docs:
Verifying the SHA1 and SHA256 on the firebase console (We use the fingerprints that are on the play store console)
Verifying the package name
The last app update was on October 1st and since then thousands of users created an account with Firebase Auth and there were no configuration changes on the firebase console.
Upon looking at other StackOverflow questions, the error we are getting is not the same as 17028 A safety_net_token was passed, but no matching SHA-256 was registered in the Firebase console. Please make sure that this application's packageName/SHA256 pair is registered in the Firebase Console Even though it is the same error code, in our case, it says an invalid token was passed.
We are using firebase with react-native-firebase module.
EDIT: After disabling Android device verification API from Google Cloud Console the verification is now working but with no device verification. (Users have to verify they're not robots with a CAPTCHA).
Update: It is working fine now, and the outage has been fixed.
It looks to be a firebase internal issue, and the only solution now is to disable "Android Device Verification" and all your users will see the Recaptcha page.
check
https://status.firebase.google.com/
https://status.firebase.google.com/incidents/TYeQBVB4kkzyk2kE8vbP
I've made an app with Flutter Firebase and released to Google playstore about 2 months ago and till today,the verification SMS sent to user's phone isn't picking up the app name from the playstore. The SMS received is given as example below
111111 is your verification code for myproject465.firebaseapp.com
Another user got responded by firebase support [here][1] stating that the %APP_NAME% will be automatically used after release(small delay may occur) but it's been more than a month and still not picking up the app name.
I've contacted firebase support but as I'm unable to opt in for a paid tech support, they can't help me further. Hope someone here can help me out
UPDATED: Enabling Safety net in the project fixed the issue for me( auth domain update not done)
[1]: https://stackoverflow.com/a/52525587/7610087
I am testing Firebase SMS authentication on my android app on release mode. So, after few succesful authentications, I started getting the error:
we have blocked all requests from this device due to unusual activity. Try again later
I deleted the affected user but still not working. Then, I contacted Firebase support and that's what they said:
There's a limit of 5 SMS per phone number per 4 hour
Now I am struggling how to test my app before making it live for real users.
I need to test receiving SMS instead of using whitelisted phone numbers. The reason is that I have a bug on release mode which requires many testings to be fixed. Please I need some help!
I have been trying and searching various methods to make Firebase Phone Auth to work in my flutter application. (There is an open issue talking about conflicts between Firebase Cloud Messaging & Firebase Phone Auth, but I am unsure if my issue is related to that. I do use Firebase Cloud Messaging which works perfectly fine.).
In iOS simulator, whenever I call FirebaseAuth.instance.verifyPhoneNumber, my app opens a web page for reCAPTCHA workflow, and returns back to the app. Then I see the error logs like below in verificationFailed callback. (It is expected to follow reCAPTCHA flow for iOS Simulator according to Firebase Phone Auth Doc)
flutter: Instance of 'AuthException'
flutter: {"error":{"code":403,"message":"Requests from this ios client application <empty> are blocked.","errors":[{"message":"Requests from this ios client application <empty> are blocked.","domain":"global","reason":"forbidden"}],"status":"PERMISSION_DENIED"}}
It is suspicious that error message is using <empty> as my application name, instead of my real app name (or default firebase app name which is __FIRAPP_DEFAULT), but I am unsure why that is happening.
In real iOS device, whenever I call FirebaseAuth.instance.verifyPhoneNumber, the app invokes verificationFailed callback again and I get the error with verifyPhoneNumberError as code and Token mismatch as error message. This is happening in both debug build as well as in release build.
I am using following SDK & library versions.
Flutter SDK = 1.12.13+hotfix.5
firebase_core = 0.4.3
firebase_auth = 0.15.4
firebase_messaging = 6.0.9
Has anyone been able to get Firebase Auth Phone auth working in iOS? I am stuck in this limbo state because I cannot seem to search any info online related to this. I have setup iOS APN, GoogleService-info.plist, Google Cloud Credentials multiple times so far with no luck. (Given that Firebase Cloud Messaging works perfectly fine, I doubt it is an issue with credentials or APN setup.)
Answering my own question since I figured out the root cause.
In Google Cloud Project that is connected to Firebase, I was able to find a set of API Keys that were created by Firebase.
https://console.cloud.google.com/apis/credentials
For each App you define and create in Firebase, a new API key will be auto-created in the API key section. In my case, there was one for 'iOS key (auto created by Firebase)' and another for 'Android key (auto created by Firebase)'.
Well, by default, they do not impose any restrictions and you see a yellow triangle next to the key. So I added restrictions to those keys so that they can only be useable in my app. This is done by setting Application restrictions with corresponding bundle id for iOS and another app id for Android within each API key detail page.
This restriction was actually the reason that Phone Auth has not been working in my apps. Once I reverted the change back to None, I no longer encountered Token mismatch or AuthException.
Ideally, I should restrict these API keys to my app only, but it seems like my Flutter app is unable to prove its identity/appId/bundleId to google services, and Google had been rejecting requests from my App. This must be why I was seeing Requests from this ios client application <empty> are blocked. error message.
For now, everything is working because there is no restriction, but I will need to figure out why my app and its id association is not working as expected sooner than later, so that I can add restriction back.