You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: support/entra/entra-id/app-integration/android-app-authentication-fails-after-published-to-google-play-store.md
+10-10Lines changed: 10 additions & 10 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,15 +8,15 @@ ms.custom: sap:Developing or Registering apps with Microsoft identity platform
8
8
---
9
9
# Authentication failed after Android app is published to Google Play Store
10
10
11
-
This article provides a solution to an authentication failure that occurs after users install an Android app that's published to Google Play Store.
11
+
This article provides a solution to an authentication failure that occurs during signing in after users install an Android app that's published to Google Play Store.
12
12
13
13
## Symptoms
14
14
15
15
Consider the following scenario:
16
16
17
17
- You have successfully implemented Microsoft Entra Authentication in your Android app with the Microsoft Authentication Library.
18
18
- The app has been built and executed, and passed all QA testing.
19
-
- You publish the app on Google Play Store.
19
+
- You publish the app to Google Play Store.
20
20
21
21
After users install the app, authentication doesn't work when signing in to the app.
22
22
@@ -44,24 +44,23 @@ The public signature hash of an application installed via Google Play differs fr
44
44
45
45
To resolve this issue, do the following things:
46
46
47
-
- Get the new signature hash with the MSAL Package Inspector tool or from the Google Play Console.
48
-
- Add a new redirect URI to the App Registration in the Azure portal with the new signature hash.
49
-
- Update the MSAL configuration within the application code to use the new redirect URI and signature hash.
47
+
-[Get the new signature hash with the MSAL Package Inspector tool or from the Google Play Console](#get-the-new-signature-hash-with-the-msal-package-inspector-tool-or-from-the-google-play-console).
48
+
-[Add a new redirect URI to the App Registration in the Azure portal with the new signature hash](#add-a-new-redirect-uri-to-the-app-registration-in-the-azure-portal-with-the-new-signature-hash).
49
+
-[Update the MSAL configuration within the application code to use the new redirect URI and signature hash](#update-the-msal-configuration-within-the-application-code-to-use-the-new-redirect-uri-and-signature-hash).
50
50
51
-
### Find the new signature hash
51
+
### Get the new signature hash with the MSAL Package Inspector tool or from the Google Play Console
52
52
53
53
You can get the new signature hash by using the MSAL Package Inspector tool or from the Google Play Console.
54
54
55
-
To install and use the MSAL Package Inspector, see
To install and use the MSAL Package Inspector, see [Package Inspector for MSAL Android Native Guide](https://blogs.aaddevsup.xyz/2022/03/package-inspector-for-msal-android-native-guide/).
57
56
58
57
To get the signature hash from the Google Play Console, follow these steps:
59
58
60
59
1. Go to the Google Play Console and sign in with your Google Developer account.
61
60
2. Once you are in the Google Play Console, select the app you works on.
62
61
3. On the left navigation, under the **Release** category, expand **Setup** and select **App Integrity**.
63
62
4. Select the **App signing**tab. You will see the **fingerprint** of the app signing key in three different variations.
64
-
5. Copy the **SHA-1 certificate fingerprint** and paste it into the following PowerShell script as the value of the `$Thumbprint` variable.
63
+
5. Copy the **SHA-1 certificate fingerprint** and paste it into the PowerShell script in step 6 as the value of the `$Thumbprint` variable.
65
64
6. Run the following script to obtain the base64 encoded fingerprint that MSAL needs:
66
65
67
66
```powershell
@@ -93,12 +92,13 @@ To get the signature hash from the Google Play Console, follow these steps:
93
92
5. Under **Configure platforms**, select **Android**.
94
93
95
94
:::image type="content" source="media/android-app-authentication-fails-after-published-to-google-play-store/app-reg-platform-config.png" alt-text="Screenshot that shows how to configure Android platform.":::
96
-
6. Enter the package name of your Android app and the new signature hash in the indicated fields and then select **Configure**.
95
+
6. Enter the package name of your Android app. Also generate and enter the signature hash.
97
96
98
97
:::image type="content" source="media/android-app-authentication-fails-after-published-to-google-play-store/app-registrations-configure-android-app.png" alt-text="Screenshot that shows how to configure an Android app.":::
99
98
100
99
> [!NOTE]
101
100
> It's fine to use the same package name in multiple Android Redirect URIs as long as the signature hash is different.
101
+
7. Select **Configure** to complete the platform configuration.
102
102
103
103
### Update the MSAL Configuration within the application code to use the new redirect URI and signature hash
0 commit comments