AuthSession in a Bare Workflow for Android always returning 400 : invalid_request

  1. SDK : 48
  2. Platforms : Android

I have a bare workflow project that uses custom native code as well (can’t use expo prebuild). I did a few times the steps to get to sign in with Android but I always keep getting : Access blocked: Authorization Error. Error 400 : invalid_request. The details pretty much say : Request details : redirect_uri=com.myproject.myproject:/oauthredirect

I’ve triple checked and on Google Cloud my consent screen asks the needed scopes (email, profileId and profile). The OAuth clientId is the same one that is used in the app. I’ve logged the request from useAuthRequest and I am 100% sure it’s using the correct androidClientId. The OAuth clientId’s SHA-1 fingerprint matches the one in my console when I run eas credentials -p android as per the documentation.

One thing that isn’t clear from documentation : when using useAuthRequest in a bare workflow, do you have to redefine the redirectUri? I’ve tried not redefining it and logging the redirectUrl from the request, it shows me com.myproject.myproject:/oauthredirect. When I do try to redefine it like

redirectUri: makeRedirectUri({
   native: 'com.myproject.myproject://'

It gives me the same error message, but now the error just shows this new redirectUri. I don’t even know what the error is telling me, other than just tell me that there is an invalid_request and showing me the redirectUri…

Also it isn’t clear what the redirectUri has to look like. When I dont redefine the redirectUri, it seems to use the bundle name (com.myproject.myproject). But in the examples it seems like it should be using the name under expo.scheme (ex myproject)

Has anyone else gotten sign in with google on a bare workflow + custom native code to work?

It turns out that this was hard to debug because it wasn’t a single thing going wrong but a few

  • Make sure consent screen requires the correct scopes
  • Make sure the SHA-1 fingerprint of your app matches the one in the Android client Id
  • It doesn’t seem to always work when building directly an APK, but building an aab-> upload to playstore → download as signed apk seems to work flawlessly. This was the biggest time waster bc everything I did had no effect even though I had corrected the situation above

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.