The fingerprint you specified is already used by an Android OAuth2 client ID in this project or another project

4
votes

I noticed my SHA1 number showing from the gradle view signing report in android studio was different from the one I had originally. I thought maybe it was from changing computers a year ago. My game app was still able to access leaderboards and achievements. I when to my Google API dashboard I noticed the 'OAuth client' had my old SHA1. It wouldn't let me change it to my new SHA1, saying it 'had already been used by this client or another client', although I had no other clients. The mysterious 'Anroid client 1' and 'Android client 2' had neither the old or new SHA1. Underneath the 'OAuth client' was 'OAuth client (auto created by google service)' which had my new SHA1. I went ahead and deleted that one, despite a warning it gave me that it had been used 147 times in the last week (evidence of impending senility on my part I suppose). It seemed I had to delete it to free up the number for my 'OAuth client' that was not auto created.

Now it appears I'm screwed, as it still gives me 'the already in use message' when I try to change the SHA1, and my game app can no longer access Google Play Services at all. I'm thinking I should have deleted the 'OAuth client' instead. Can I recover from this? Will it free up over time? Another post suggested 7 days for clients to be removed, although I don't see a button to delete the whole client, and am concerned over the deletion of the API codes on the same page.

EDIT 3/30 - It looks like I may have lost this number permanently, although (I'm hoping) it only affects my Leaderboards and Achievements, not Firebase, Inapp Purchasing, or Ads. I can roll my own Leaderboards and Achievements in Firebase anyway. New projects with different package names give me the same unusable SHA1 in the Gradle signingReport.

enter image description here

1
androidandroid-studioshagoogle-api-console

1 Answers

1
votes

I finally got a useful response from Google support through email, providing just a clue on how to start the recovery process:

I understand you're receiving a Client ID error when trying to link your app to a Game Services project. This error message is displayed because your package ID and SHA1 are already in use by another Client ID.

To resolve this issue, please use the steps below to delete the Client ID from your Google Developers Console (formerly Cloud Console).

Important: Do not delete the Google Developers Console project before deleting the Client ID. If you’ve already deleted the project, you will need to undelete it from your Projects list.

1. Use the following URL to access the project - https://console.developers.google.com/project/186639667931
2. Select APIs & auth > Credentials
3. Under “Client ID for Android application” click the “Delete” button.
4. Try linking your app in the Play Console again. If you’re unable to view or undelete the project linked in step 1, please try accessing it while logged in with the primary email address on your Play developer account.

There was no 'Client ID for Android application', but there was an 'OAuth Client' under 'OAuth 2.0 client IDs', so I deleted that. That still had an old SHA1 number as it wouldn't take my current one. So I wasn't really deleting something with my current number, but deleting this deleted the whole client and brought up a blank screen. Here there was a bit of a trap. I added my current SHA1 number to that screen, which it accepted. Now I was able to get a response from the Google Play site again from my app, although its response always was 'Cannot access services'.

As it turns out, this screen was the default screen, which is 'Google Play Android Developer'. I'll have to research what this is for sometime, but what I needed to add a SHA1 to was my actual app name. I ultimately found buried in the dropdown list at the very top, next to 'Google APIs', among example apps I had downloaded and 'Google Play Android Developer'. I still couldn't add my current SHA1 to it until I went back and deleted the 'OAuth Client' from 'Google Play Android Developer'. This bought the same default screen back, so I went back to the dropdown, selected my app name, and then was able to finally add my current SHA1 back to it.

So deleting a SHA1 appears not to be a permanent exile from Play Services, just the start of a tricky process to get it reestablished.