Firebase Auth: Requests from this Android client application com.xxx are blocked

Question

I'm implementing the standard tutorial for Firebase AuthUI in my android app. However, when testing I try to sign-in using Google sign-in from within the app and get the following exception:

com.google.firebase.FirebaseException: An internal error has occurred. 
[ Requests from this Android client application com.xxx are blocked. ]

The app displays the "Google SmartLock" banner as if it's signing me in, but then disappears and in the logcat I see the error above.

I verified that my SHA-1 certificate fingerprints for both debug and release are in the Firebase console. I've been using them for some time in this app so I know they are correct.

I have enabled both Google sign-in and email sign-in on the Firebase Auth Console. I've tried both email/google sign-in and both processes begin but fail with the same exception. I have also downloaded and used a new google-services.json file -- no change.

The application name is correct. Why are they blocking me? Has anyone had any luck contacting firebase support?

Here's a snippet from build.gradle:

api 'com.android.support:support-v4:27.1.1'
api 'com.android.support:appcompat-v7:27.1.1'
api 'com.android.support.constraint:constraint-layout:1.1.2'
api 'com.google.firebase:firebase-storage:16.0.1'
api 'com.google.firebase:firebase-core:16.0.1'
api 'com.google.android.gms:play-services-maps:15.0.1'
api 'com.google.android.gms:play-services-location:15.0.1'
api 'com.google.android.gms:play-services-ads:15.0.1'
api 'com.google.code.findbugs:jsr305:3.0.2'
api 'com.google.apis:google-api-services-storage:v1-rev68-1.21.0'
implementation 'com.firebaseui:firebase-ui-storage:0.6.0'
implementation 'com.firebaseui:firebase-ui-auth:4.0.0'
testImplementation 'junit:junit:4.12'

Logcat:

/com.x.x W/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzal@13ca6fd
/com.x.x D/FA: Logging event (FE): user_engagement(_e), Bundle[{firebase_event_origin(_o)=auto, engagement_time_msec(_et)=12629, firebase_screen_class(_sc)=PhotoActivity, firebase_screen_id(_si)=-1316627329056180637}]
/com.x.x D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_previous_class(_pc)=PhotoActivity, firebase_previous_id(_pi)=-1316627329056180637, firebase_screen_class(_sc)=KickoffActivity, firebase_screen_id(_si)=-1316627329056180636}]
/com.x.x D/FA: Connected to remote service
/com.x.x D/FA: Logging event (FE): user_engagement(_e), Bundle[{firebase_event_origin(_o)=auto, engagement_time_msec(_et)=1312, firebase_screen_class(_sc)=KickoffActivity, firebase_screen_id(_si)=-1316627329056180636}]
/com.x.x D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_previous_class(_pc)=KickoffActivity, firebase_previous_id(_pi)=-1316627329056180636, firebase_screen_class(_sc)=SingleSignInActivity, firebase_screen_id(_si)=-1316627329056180635}]
/com.x.x D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_previous_class(_pc)=SingleSignInActivity, firebase_previous_id(_pi)=-1316627329056180635, firebase_screen_class(_sc)=SignInHubActivity, firebase_screen_id(_si)=-1316627329056180634}]
/com.x.x W/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzal@13ca6fd
/com.x.x D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_previous_class(_pc)=SignInHubActivity, firebase_previous_id(_pi)=-1316627329056180634, firebase_screen_class(_sc)=SingleSignInActivity, firebase_screen_id(_si)=-1316627329056180635}]
E/Volley: [23564] BasicNetwork.performRequest: Unexpected response code 403 for https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyAssertion?alt=proto&key=[key]
E/Volley: [23564] BasicNetwork.performRequest: Unexpected response code 403 for https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyAssertion?alt=proto&key=[key]
I/AuthChimeraService: Error description received from server: Requests from this Android client application com.x.x are blocked.

/com.x.x E/AuthUI: A sign-in error occurred.
com.google.firebase.FirebaseException: An internal error has occurred. [ Requests from this Android client application com.x.x are blocked. ]

Answer 1

The Google Cloud API key I was using was restricted to android with my package name, but only the production SHA-1 certificate fingerprint was given, not the debug key. I added the debug key's SHA-1 certificate along with the package name so that both production and debug certificates appear in the "Application Restrictions" for the key and it worked. Apparently being "blocked" by firebase means your API key may be restricted improperly.

Answer 2

I just faced the same problem today and fortunately solved the problem. I still don't have any idea why this was happening but here are the steps I had taken to solve :

1. Delete the already added SHA-1 signing-certificate fingerprint in the Firebase console settings.
2. Go to android studio and Sync Project with Gradle Files.
3. Add SHA-1 signing-certificate fingerprint again to the Firebase Console Settings.

Here is how you can add SHA-1 signing-certificate fingerprint to firebase : CLICK HERE

Answer 3

I noticed that for some reason on my Google Credentials API Key restriction, my SHA-1 fingerprint wasn't included.

To find your API Key, go to console.cloud.google.com/apis/credentials?project=. Or go to the console.cloud.google.com -> Click on the hamburger icon on the top left -> APIs and Services -> Credentials

Choose the API Key that you're using. -Under "App Restrictions", choose "Android Apps" (If you're build an Android app for example) -Under "Restrict usage to your Android apps", Click "Add an item" -Enter your package name and your SHA-1 Fingerprint

To know how to find your SHA-1 Fingerprint, LINK

The signingReport task may be under Gradle(on the right vertical band) app -> tasks -> android