How to Fix Android Firebase Authentication Error
In this tutorial, you'll learn about How to Fix Android Firebase Authentication Error. We cover key concepts, practical examples, and best practices to help you understand and apply this topic effectively.
The Problem
Firebase Auth fails with:
com.google.firebase.auth.FirebaseAuthInvalidCredentialsException:
The email address is badly formatted.
Or:
FirebaseAuthInvalidUserException: There is no user record
corresponding to this identifier.
Or Google sign-in returns 12500/12501 error.
Firebase authentication fails due to misconfigured Firebase project settings, missing SHA fingerprints, or incorrect sign-in method configuration.
Quick Fix
Step 1: Verify google-services.json
Download the latest google-services.json from the Firebase Console and place it in the app/ directory. Rebuild the project after replacing it.
Step 2: Enable sign-in methods in Firebase Console
- Go to Firebase Console > Authentication > Sign-in method
- Enable Email/Password, Google, Phone, or other providers
- For Google sign-in, configure the Support email
Disabled providers return FirebaseAuthInvalidCredentialsException.
Step 3: Add SHA certificate fingerprints
# Debug SHA1
keytool -list -v -keystore ~/.android/debug.keystore -alias androiddebugkey -storepass android -keypass android
# Release SHA1
keytool -list -v -keystore /path/to/your-release-key.jks -alias your-alias
Add both SHA1 and SHA256 to Firebase Console > Project Settings > General > Your apps > Android app.
Step 4: Check the email format
// Firebase validates email format on the client
if (!Patterns.EMAIL_ADDRESS.matcher(email).matches()) {
// Show error before calling signInWithEmailAndPassword
return
}
auth.signInWithEmailAndPassword(email, password)
.addOnCompleteListener { task ->
if (!task.isSuccessful) {
Log.e("Auth", "signIn failed", task.exception)
}
}
Step 5: Handle user creation and sign-in
// Create user
auth.createUserWithEmailAndPassword(email, password)
.addOnCompleteListener { task ->
if (task.isSuccessful) {
// User created
} else {
when ((task.exception as? FirebaseAuthException)?.errorCode) {
"ERROR_EMAIL_ALREADY_IN_USE" -> // handle
"ERROR_WEAK_PASSWORD" -> // handle
}
}
}
// Sign in
auth.signInWithEmailAndPassword(email, password)
Always check the exception's errorCode for specific error handling.
Step 6: Configure OAuth client for Google sign-in
val gso = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestIdToken(getString(R.string.default_web_client_id))
.requestEmail()
.build()
The default_web_client_id is automatically added to strings.xml by the Google Services plugin.
Step 7: Check ProGuard/R8 rules
-keep class com.google.firebase.** { *; }
If ProGuard is enabled, add Firebase keep rules to prevent class name obfuscation.
Prevention
- Download a fresh
google-services.jsonbefore each release build. - Add both debug and release SHA fingerprints to the Firebase Console.
- Enable all required sign-in methods in the Firebase Console before coding.
Common Mistakes with Firebase auth
- Non-exhaustive pattern matches that compile with warnings then crash at runtime
- Misunderstanding that
Stringis[Char]with poor performance for large text operations - Using
foldlinstead offoldl'causing stack overflow on large lists
These mistakes appear frequently in real-world Android code. DodaTech's contributors have identified these patterns through analysis of open-source projects and production systems.
Practice Exercise
Write a pure function that safely divides two integers using Maybe, then test it with edge cases like division by zero and negative numbers.
This exercise reinforces the concepts covered in this guide. Try implementing it before checking online solutions.
FAQ
DodaTech Tool Reference
Durga Antivirus Pro can scan your APK to verify that google-services.json is bundled correctly and no API keys are exposed in plaintext in the released binary.
Built by the developers of DodaTech
Doda Browser, DodaZIP & Durga Antivirus Pro