Firebase App Check error in Flutter's Android Release Builds
I'm encountering an issue while trying to implement Firebase App Check in my Flutter application for release builds on Android. For debug, I am able to get the debug token from the console and when I add it to firebase the requests are valid. However I keep getting the following error on release:
[firebase_app_check/unknown] t4.m:error returned from API. code: 403 body: App attestation failed.
The verified requests are from the debug build and the invalid are from the release.
I have been looking online but I feel like something is either missing or I am missing something, I have followed the official documentation.
Here is my pubspec.yaml
firebase_core: ^2.7.1
firebase_app_check: ^0.2.2
My main.dart
await Firebase.initializeApp(
options: DefaultFirebaseOptions.currentPlatform,
);
FirebaseFirestore.instance.settings =
const Settings(persistenceEnabled: true);
await FirebaseAppCheck.instance.activate(
androidProvider:
kDebugMode ? AndroidProvider.debug : AndroidProvider.playIntegrity);
await FirebaseAppCheck.instance.setTokenAutoRefreshEnabled(true);
In android/app/build.gradle:
dependencies {
implementation("com.google.firebase:firebase-appcheck-playintegrity")
implementation(platform("com.google.firebase:firebase-bom:32.8.0"))
}
I have seen people making changes to build.gradle and the MainActivity even though the documentation doesn’t mention anything about it.
Additional Details
- The SHA-256 key of my app in Firebase matches the app signing key obtained from the Google Play Console.
- The Firebase project is linked to the Google Cloud project associated with the Google Play Console.
- The SHA-256 App Signing key of my app is correctly entered in the Play Integrity section of Firebase App Check.
- On Google play Console on the App Integrity section, it seems like I haven't completed the steps for the Play Integrity API, but after looking at the documentation that is provided with the button I assume that this is marked automatically when I upload a bundle that has the dependency in my build.gradle so I do not thing this is the case for my problem, (https://developer.android.com/google/play/integrity/setup#integrate-in-app)
Some of the links that I have seen:
- https://firebase.google.com/docs/app-check/flutter/default-providers
- https://medium.com/@emabyte/securing-your-flutter-app-made-easy-with-firebase-app-check-b4bfae29738f
- https://createthrive.com/blog/implementing-firebase-app-check-in-flutter-step-by-step
Can someone guide me on what I might be missing or suggest any further troubleshooting steps? Any help would be greatly appreciated.
Update
I came across this SO Question and the answer below says If you are not distributed via Google Play, the Play Integrity Provider does not work with your Firebase app Could it be the case that because I haven't uploaded a bundle with the play integrity dependency?
So the problem was that App integrity will not work properly if the app is not distributed from the Google play store (at least to my understanding). Once I tested my app with Play consoles' closed testing, app check worked fine for me, just make sure that you have set up everything correctly!
I added the below on the original question before I found the solution which actually ended up helping me, hope it helps someone else in the future as well, good luck!
I came across this SO Question and the answer below says If you are not distributed via Google Play, the Play Integrity Provider does not work with your Firebase app Once I started testing through play store which properly used the play integrity API it worked fine, however now that I checked, it still says under play integrity that I have not integrated it...
- Your app currently targets API level 30 and must target at least API level 31 to ensure it is built on the latest APIs
- How can I reduce the size of a library folder?
- Stream Audio from Client to Server to Multiple Clients Java
- Talkback does not specify index out of list count in RecyclerView
- Panorama 360 viewer with phonegap
- opening an external "file explorer" app: how to get absolute path from a uri pointing to a folder
- Which ParseException may be thrown on signup/login attempt
- What I should add as a key to LaunchedEffect to be changeable?
- Variable not updated in a Coroutine
- How To Stop Git-Bash command on windows
- Getting Error while Dexing. after upgrading flutter to 3.19.0
- Can't find the option to change privacy policy for Android app already on play store
- Button not responding to Click Event after Translation animation
- Using libcurl in C++ Android application using CMake
- Why compose adds extra text to Accessibility?
- packages have newer versions incompatible with dependency constraints
- How can I scroll to the beginning of a paged list after the start of the list is no longer presented
- why flutter_fortune_wheel always run instantly after page open?
- How to create Viewpager Transformation in Jetpack Compose?
- Remove underline from TextInputEditText
- String replace isn't working for some cyrillic characters
- How to create push notification with long text and picture in one style
- Android ListPopupWindow's method isShowing() does not work
- How to remove top and bottom padding exo player in android jetpack compose?
- flutter doctor --android-licenses does not work
- Eliminating Blinking Effect in Rotational Animation of List Elements
- Flutter Firebase and Android issue - unable to initialise. Cannot find google-services.json with latest (sept 2020) migration instructions executed
- Magento REST API for Android Application
- input type=number not possible to insert negative numbers on mobile phone
- Why doen't Compose trigger a recomposition on State update?