Error 12501 authenticating with google sign-in

Question

I'm using google sign-in services to authenticate users that use my app. I got it to work when I just requested email information

GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                    .requestEmail().build();

Then, I figured out I also need to request ID token to be able to authenticate with my backend so I did:

GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                    .requestIdToken(String.valueOf(R.string.server_client_id))
                    .requestEmail().build();

The problem is that it wouldn't let me log in after the changes. The status I keep getting each time I try to login is Status{statusCode=unknown status code: 12501, resolution=null}.

I've been searching around and I found this post that is pretty much about the same thing. However, I didn't make any of the mistakes named by the people who answered, the oAuth Client ID in my dev console is for web application: And R.string.server_client_id is the first client ID from the picture. the package names are of course correct in all placed otherwise it wouldn't even work without the token request. 2 people also suggested that the app needs to be signed for this to work, but googles documentation says that debug key should work too, and it doesn't make sense to make people sign the apps for debugging.

I've been trying to figure this out for hours but with no success. What could be the problem? Please feel free to request more information I might have forgotten to put here.

This is sick! i faced terrible prob after uploading it to play store!! — Rafique Mohammed, Dec 24 '15 at 08:59
Thats probably because the client id for android is for your debug key. Try updating the key on developer console to the key you used to sign the apk. — JamMaster, Dec 24 '15 at 11:03
Use Web server_client_id http://stackoverflow.com/questions/33583326/new-google-sign-in-android/36608533#36608533 — ketankk, Apr 13 '16 at 20:09
My problem solved. Check my answer [here](http://stackoverflow.com/questions/33583326/new-google-sign-in-android/37134516#37134516) — Maziar Manouchehry, May 10 '16 at 09:57
I answered it here: http://stackoverflow.com/questions/33583326/new-google-sign-in-android/37657942#37657942 — Master, Jun 06 '16 at 12:50
Curious why .requestIdToken(String.valueOf(R.string.server_client_id)) is required since it's explicitly omitted in Google's documentation on https://developers.google.com/identity/sign-in/android/ — Tom Pace, Dec 01 '16 at 18:54
Where in Google's docs does it even spell out that this string resource is required?? I'm scouring the docs, and doing google searches for the server_client_id string and I see no official point that it's a requirement. I have no need for back-end auth. Yet I get the 12501 error. No mention that it even exists, until I dig into the source code of the sample Sign-In project and examine the res/values/strings.xml and find — Tom Pace, Dec 01 '16 at 20:10
SOLVED! NOTHING to do with requestIdToken() nor server_client_id. Back to basics: figure out the structure and meaning of keys/values in google-services.json. I cross-referenced all the client_id values of every object in root.client[].oauth_client[].client_id with my current package name, and the debug key was missing. THIS IS VERY CRUCIAL: The google-services.json generator **only picks one key signature**. Curses. Anyway, I cloned the valid entry in root.client[].oauth_client[] and applied the debug key and SUCCESS. — Tom Pace, Dec 02 '16 at 00:36
**code 12501** in plain text, copied from the logcat: "You have wrong OAuth2 related configurations, please check. Detailed error: **UNREGISTERED_ON_API_CONSOLE**". — Martin Zeitler, Mar 10 '17 at 21:43

score 24 · Accepted Answer · edited Mar 08 '19 at 20:55

24

Well, this is very embarrassing, but I figured it out:

GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                    .requestIdToken(AuthenticatedActivity.this.getResources().getString(R.string.server_client_id))
                    .requestEmail().build();

I was sending it the resource ID instead of dereferenced string resource.

edited Mar 08 '19 at 20:55

A-Sharabiani

17,750
17
113
128

answered Nov 22 '15 at 11:34

JamMaster

1,446
1
14
24

4

What is the value of R.string.server_client_id? Where do you get it from ? – JoseF Dec 09 '15 at 10:57
You get it from developer console. Follow googles tutorial, they explain how to get it. – JamMaster Dec 09 '15 at 11:01
1

I don't find this tutorial? Can you send me the link? – JoseF Dec 09 '15 at 11:02
There is a link in my first post – JamMaster Dec 09 '15 at 11:05
3

Thanks, as I suspected, I was using the correct clientId but I'm still getting 12500 or 12501. – JoseF Dec 09 '15 at 11:21
@JoseF you need to edit app/src/main/res/values/strings.xml to put in a line like this: `YOUR_SERVER_CLIENT_ID` As others have mentioned, you get this from the developer console. – Sam Stern Dec 16 '15 at 22:32
I just updated the client_id. The tricky think is that you need to use two client_id, one is the android client_id and the YOUR_SERVER_CLIENT_ID an Web client id. I don't know why but this is how it works. – JoseF Dec 17 '15 at 08:21
@JoseF where should i use the android id? There are no place where i should put it... – Sirop4ik Aug 04 '16 at 12:08
What do you mean with android id ?@AlekseyTimoshchenko – JoseF Aug 05 '16 at 08:00
2

I find client Id also in .json file. but error is same and 12501 . why? – Mahdi Dec 31 '16 at 14:35
if you are lazy to put `server_client_id` in strings.xml you can use `getString(R.string.default_web_client_id)` as this is **auto generated from google-services.json** – Samuel Jun 01 '17 at 01:19
1

Does anybody know what is wrong if I can't sing in only on one device(get the same error on Xiaomi mi note 2), but on others devices sing in works well. – AinisSK Oct 26 '17 at 13:40

score 12 · Answer 2 · edited May 23 '17 at 12:02

Obviously first check your release sha1 key is correct or not. But if still it is not working and you ar using google play services 8.4.0 (i.e.compile 'com.google.android.gms:play-services:8.4.0'), the issue could be solved by modifying GoogleSignInOption object. Instead of:

GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                    .requestEmail()  
       .requestIdToken("YOUR_WEB_API_ID.apps.googleusercontent.com")
                    .build();

You have to use :

GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                .requestScopes(new Scope(Scopes.PLUS_LOGIN))
                .requestScopes(new Scope(Scopes.PLUS_ME))
                .requestEmail()
                .build();

This solves error returning statusCode=INTERNAL_ERROR OR statusCode=Error 12501 OR statusCode=Error 12500. Then this gso object could be used for creating GoogleApiClient as shown below:

 mGoogleApiClient = new GoogleApiClient.Builder(this)
                .enableAutoManage(this, this)
                .addApi(Auth.GOOGLE_SIGN_IN_API,gso)
               // .addApi(Plus.API, null)
                .addConnectionCallbacks(this)
                .addOnConnectionFailedListener(this)
               // .addScope(Plus.SCOPE_PLUS_LOGIN)
                .build();

See this for detail: Google signin not working on release version of android

In my case, I had switched to a new (different) computer and then this problem started. I had so many other things on my mind, due to getting another laptop up and running for work, that I never thought about the SHA-1 being different. I am using Firebase auth, so I copied my SHA-1 and updated their end, then generated a new json file to drop into my app. Fixed. Thanks to silwalprabin for mentioning the SHA. — Eric Engel, Mar 04 '17 at 03:25
@EricEngel probably different pc=different android studio=different default debug sha. — Hiro, Sep 18 '21 at 17:42

score 5 · Answer 3 · answered May 24 '17 at 13:25

Make sure you added the SHA-1 fingerprint for your (release) signing key to the Firebase console

Find your SHA1 key: keytool -exportcert -list -v -alias <your-key-name> -keystore <path-to-production-keystore>

Add it to the firebase console: go to https://console.firebase.google.com, select your app, select settings.

score 3 · Answer 4 · answered Dec 17 '15 at 21:19

In my project I had a different applicationId in my gradle file than packagename in my manifest.xml and that was the source of my problem.

The android key I had to created needed to have the applicationId fqdn and NOT the package name (contrary to what google tells you) for it to work for me.

Thought I'd leave that here in case it saves time to someone.

Mido Reigh · Answer 5 · 2017-06-15T07:22:36.227

1.Specify signingConfigs in your gradle file

signingConfigs {
        config {
            keyAlias 'appalias'
            keyPassword 'hunter123'
            storePassword 'hunter123'
            storeFile file('path/to/keystore.jks')
        }
}

2.Go to Build Types in Project Structure (in Android Studio) and specify signingConfigs to "config"

Now clean your project and build again. It should work.

If the above doesn't work then below is your last resort.
Try step one and build and check. If it's not working go to next step and try to build again.

Build a signed apk (With remember password checked).
Before signing check the filename of the keystore file and the one yo give in while signing the apk (in android studio).
Install the signed apk in your device.
Wait for five minutes.
Try singing in to google. If still 12501 is coming wait five more minutes. While doing that hit gradle sync.
Try again. It should work.

Edit: Google have added apk signing in the console. If you already signed your apk, ignore it OR if you want to use it be careful with it because it can break your current google signin settings

your step 1 worked for me. i was testing through android-debugged.apk after reading you answer first created signed apk , then installed it and check google login, it works. — Chirag thaker, Apr 04 '17 at 08:22
Google signin have many issues while using android studio. If you change the filename of your keystore then change it back to the old one, your perfect app wont let you use google signin with the next build. — Mido Reigh, Apr 05 '17 at 19:18

score 3 · Answer 6 · answered Apr 26 '17 at 12:09

3

I had this issue when I accidentally used the client ID of the Android app instead of the Webapp as the requestIdToken() parameter.

You should use the Client ID of the Webapp there. By default it is called Web client (auto created by Google Service)

answered Apr 26 '17 at 12:09

Daniel Zolnai

16,487
7
59
71

score 2 · Answer 7 · answered Apr 01 '18 at 21:12

2

The <meta-data> from Androidmanifest.xml is outside of <application></application> enclosure. Thats why you get 12501 error

    <meta-data android:name="com.google.android.gms.games.APP_ID"
        android:value="@string/app_id" />
    <meta-data android:name="com.google.android.gms.version"
        android:value="@integer/google_play_services_version"/>

answered Apr 01 '18 at 21:12

Duna

1,564
1
16
36

2

Hey, bro, I don't know who you are but after 12hours headbanging myself, suddenly found your comment and fixed all my problems. So.. I wish you the best of the best. You are a savior. – vikAy May 06 '20 at 21:42

score 2 · Answer 8 · answered Jul 09 '19 at 05:53

I don't know how relevant this question is in 2019. However, Error code 12501 means:

The sign in was cancelled by the user. i.e. user cancelled some of the sign in resolutions, e.g. account picking or OAuth consent.

Check following link for more information:

https://developers.google.com/android/reference/com/google/android/gms/auth/api/signin/GoogleSignInStatusCodes.html#SIGN_IN_CANCELLED

score 1 · Answer 9 · answered Dec 27 '15 at 02:38

1

Have you already set up your signingConfigs and buildTypes in your Gradle? I've fixed it by explicitly specify those things on gradle. Read here http://developer.android.com/tools/publishing/app-signing.html

answered Dec 27 '15 at 02:38

Mochamad Gufron Efendi

1,046
12
19

This question was answered a few months ago. – JamMaster Dec 27 '15 at 08:34
4

@jammaster i know and i tried the same thing you did on your android project and it didn't work out for me. Well, in case other users have the same problem with me, i would love to share the solution here. Just saying. :) – Mochamad Gufron Efendi Dec 27 '15 at 08:50

score 1 · Answer 10 · answered May 25 '17 at 11:11

I had the same problem. The problem was that I somehow had the wrong "API Project" selected and therefore chose the wrong web client key. Obviously there were two OAuth2 server client IDs created in both of my API Projects while my attempts to get the demo app running.

score 0 · Answer 11 · answered Feb 12 '16 at 13:41

0

I experienced a similar problem. In my case, it was because the server client ID that I was using was from a different project than the client keys. It turns out that they need to be from the same project.

answered Feb 12 '16 at 13:41

Tad

4,668
34
35

score 0 · Answer 12 · answered May 22 '17 at 08:40

Hi I have seen above comments but as I have done practical , its all sha issue , means if you will register the sha of particular ip address and get google.services json , that will perfect either you can use

   gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
            .requestEmail()
            .build();

or gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN) .requestIdToken(LoginActivity.this.getResources().getString(R.string.server_client_id)) .requestEmail().build(); but if you want to create app on other ip address with other machine sha is showing you 12501 error status code so for that you need to generate again sha for that particular machine . Thanks

score 0 · Answer 13 · answered Aug 13 '23 at 23:40

0

i had that error cause i have 2 apps in 1 firebase database, and added my sha fingerprints on my main app, not the services app that i was trying to update.

answered Aug 13 '23 at 23:40

yago

59
4

Error 12501 authenticating with google sign-in

13 Answers13

Linked