-
Notifications
You must be signed in to change notification settings - Fork 892
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
verifyPhoneNumber
errors with auth/invalid-app-credential
only on localhost
#8387
Comments
I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight. |
firebase has issue on its servers |
I'm also facing the same exact issue. It suddenly stopped working locally but on deployed version (vercel) it works fine with same firebase config. |
Do they know they have an issue? Are they working on the fix? Is there a ticket we can track? |
We are also having this issue, with a Ionic Cordova app, since past friday. |
We also have a ticket opened at GCP. For those that want a temporary workaround, you can serve on |
I tried |
Also seeing this I added 127.0.0.1 as an authorised domain and switched our app to do that and it worked fine Would be great if firebase can fix asap as we have a lot of other apps that need to be reconfigured and don't want to have to add everywhere |
Hi @MaciejCaputa, thanks for reaching out to us. I was able to replicate the behavior. Let me check what we can do for this issue with our Auth team or bring someone here that can provide more context about it. I’ll update this thread if I have any information to share. |
I'm encountering the same issue in my React project. It seems to only occur in the web app, while it works fine on mobile. |
Working only for test numbers, i am getting this error too in flutter with "signInWithPhoneNumber" |
its working in mobile correctly but issue face only on web |
not working |
I'm having this issue as well on a NextJS 14 app using app router. Other authentication mechanisms work, like anonymous auth and email auth. |
Hi I am having same problem with phone authentication on I have included
|
+1 seeing this issue a lot lately |
Hi all, This error is due a change in Auth Service policy which no longer supports localhost for The Auth team has suggested the use of fictional phone numbers for testing purposes. I'm going to remove the |
Hi @aem, for local development testing, you should be able to use configured fictional phone numbers or Auth Emulator. Additionally, you can use
You won't see |
@aem that's odd. We verified that using fictional phone numbers worked.
|
oh, this is a bad dream all ionic project use a webview with localhost , so all ionic capacitor would be a trash , I have checked my website could work well with a proper domain , but it could not work for ionic capacitor project , that is a bad dream |
@NhienLam Why is it that Also, whoever rolled out this update could have saved thousands of developers many hours just by having a more informative error message like If Google/Firebase actually cares about their users, they should really consider the economic cost of bad error messages like this before rolling them out unannounced. |
Hello, Anyone else having this issue coming up in a hosted environment? I have not found a pattern yet, but the error is showing up in our systems even when deployed. I have not found a reproducable pattern yet, but some of our developers are facing this issue regularly, especially in in-app browsers (like browser from instagram, browser from telegram). We use nextJS. |
We also use NextJS and experience that on products sometimes (15% of times) SMS codes are not delivered. We have not yet verified if it is because of this issue, or another issue, but I can't imagine mobile carriers loosing around 15% of SMS. Can anybody advise how we can report it? |
ionic capacitor or any hybrid app is dead now , customers complained and just wait for this issue to be fixed soon |
It is beyond my belief that Google just changes these things unilaterally without proper communication / documentation. The only solution for us now is to throw out this gcp auth garbage and do our own flows. |
For anyone using ionic capacitor, the localhost issue can be fixed in production by updating the server hostname in your Ex. const config: CapacitorConfig = {
...
server: {
hostname: 'my-app.com',
androidScheme: 'https',
}
}; Here's the documentation: https://capacitorjs.com/docs/guides/autofill-credentials#set-capacitor-server-hostname |
+1 seeing this in production a fair amount |
Hey everyone, Did Google rolled back this update? I just tested it now (with non-testing real number) on localhost, and it is working again finally. |
It started working back again for me today after not working for a few weeks. hopefully it is now rolled back |
I can't confirm this. After performing the recaptcha, the error is still appearing for localhost and unclear if it still appears in production. Waiting on client feedback. ERROR 1: identitytoolkit.googleapis.com/v1/accounts:sendVerificationCode?key=:1 httperror 400 Failed to load resource: the requested URL /v1/accounts:sendVerificationCode?key= was not found on this server. firebase_core: ^2.25.4 doesn't work with |
I think they are working on it right now. Can someone confirm this from google team? I had 5 sign ups and it was also working from localhost, but now the error is appearing again. This is VERY BAD. Why can't we just roll it back and release it only when its properly tested and won't break all of our stuff ? |
did you place 127.0.0.1 instead of localhost in your browser too? that was for me 127.0.0.1:3000 instead of localhost:3000 |
Any updates here? Our team is still suffering from this. We are considering just to build this thing on our own or use another provider. |
There seems to be an issue not only with localhost, but potentially proxy or NAT-based networks (can't tell). We pulled the plug and deployed a custom Phone-Auth via Twillio, Firebase https-Functions, and customTokens. My advice to the Google Firebase/GCP team: |
It is funny for me. It feels like the team is constantly working on the issue, but they sort of pushing on prod and let us end users test it 😭 Sometimes it works flawlessly for hours or even half a day (I guess this is the time when they restore the older version of the API), then it randomly starts failing for few hours. Yesterday we had around 100 phone registration and 5 of them failed with this. Is there anyone here who has not migrated to their own solution yet and experiencing the same? |
When did this change from localhost come into effect? Is there a version of firebase we can roll back to? |
I can solve the problem by doing these
and you can keep your old codes and it could work normally client-side firebase from npm changed completely and it needs to change a lot of works , this is the shortest way I have found |
This does work but changing the hostname in capacitor.config can lead to a lot of other issues for Android, just FYI. I changed the hostname to 127.0.0.1 for the time being for 2FA to work again |
For local testing, use 127.0.0.1 and allow the same in authorized domain. It worked for me and it's always for me in the production. I was facing the issue only in the local environment |
IP> @NhienLam Why is it that
You are right , its working with other ips but not by localhost, i wasted 1 week to find solutions and enable every possible solution to fix this, and its currently working with just change by localhost to any IP |
use any IP instead of localhost |
Has anyone been able to fix this issue on a hosted site? Our local works just fine with a test number but in our hosted site in production (hosted on cloudfront) we can no longer get into the site which is very alarming. We haven't made any updates to the login flow on our site. |
Is there any update on this issue, as I am still facing this issue |
I've also been a recent victim of this issue, probably wasted about 10 hours of my life. If only AI could solve issues like these 😅 Step 1: use |
Operating System
macOS Sonoma 14.2.1
Browser Version
Chrome 126.0.6478.183
Firebase SDK Version
10.12.4
Firebase SDK Product:
AppCheck, Auth
Describe your project's tooling
Next.js using firebase app check with reCAPTCHA Enterprise with configured debug app check token
Describe the problem
On localhost
verifyPhoneNumber
calls following endpointhttps://identitytoolkit.googleapis.com/v2/accounts/mfaSignIn:start?key=<api-key>
which returns
Steps and code to reproduce issue
verifyPhoneNumber
in multifactor authentication flow on localhostImportant facts
verifyPhoneNumber
work perfectly fine, but stopped working couple of days ago only when developing locally on localhostThe text was updated successfully, but these errors were encountered: