If you are working with Firebase Authentication, Google Sign-In, Phone OTP verification, or Google Maps API in Flutter, you must generate SHA1 key in Flutter before your app can function correctly.

Many developers face authentication errors because they either generate the wrong SHA1 key or forget to add it in Firebase Console. In this complete guide, you will learn how to generate SHA1 key in Flutter using gradlew signingReport for both debug and release builds.

This article covers:

• How to generate SHA1 key in Flutter (debug build)
• How to generate release SHA1 key in Flutter
• Windows and Mac commands
• How to add SHA1 key to Firebase
• Common errors and fixes
• Advanced SHA1 generation using keystore
• Frequently asked questions

By the end of this guide, you will clearly understand how SHA1 key in Flutter works and how to use it correctly in production apps.

What is SHA1 Key in Flutter?

SHA1 (Secure Hash Algorithm 1) is a cryptographic fingerprint used to uniquely identify your Android app’s signing certificate.

When you generate SHA1 key in Flutter, you are actually generating the SHA1 fingerprint of your app’s signing keystore.

Firebase and Google APIs use this SHA1 key to verify:

• Your app identity
• Your app signature
• Security authenticity

Without the correct SHA1 key in Flutter, features like Google Sign-In and Phone Authentication will fail.

Why You Need to Generate SHA1 Key in Flutter

You must generate SHA1 key in Flutter if you are using:

• Firebase Authentication
• Google Sign-In
• Phone OTP verification
• Google Maps SDK
• Dynamic Links
• Firebase Cloud Messaging
• Play Integrity API

Every production Flutter app that integrates Google services requires a valid SHA1 key.

Method 1: How to Generate SHA1 Key in Flutter Using Gradlew signingReport

This is the official and most reliable method to generate SHA1 key in Flutter.

Step 1: Open Your Flutter Project

Open your project in:

• Android Studio
• VS Code

Step 2: Navigate to Android Directory

Open terminal and run:

cd your_flutter_project/android

Step 3: Run Gradle Signing Report Command

For Mac / Linux:

./gradlew signingReport

For Windows:

gradlew.bat signingReport

Press Enter.

Example Output of SHA1 Key in Flutter

After running the command, you will see output like:

> Task :app:signingReport
Variant: debug
Config: debug
Store: C:\Users\user\.android\debug.keystore
Alias: AndroidDebugKey
MD5: XX:XX:XX:XX
SHA1: AA:BB:CC:DD:EE:FF:11:22:33:44:55:66:77:88:99:00:AA:BB:CC:DD
SHA-256: XX:XX:XX:XX

The value shown after SHA1 is your SHA1 key in Flutter.

Copy this SHA1 key and paste it into Firebase Console.

Debug SHA1 vs Release SHA1 in Flutter

Many developers only generate debug SHA1 key in Flutter and forget release SHA1.

You must generate both.

Debug SHA1

Generated automatically using:

./gradlew signingReport

Uses default debug.keystore.

Release SHA1

Release SHA1 comes from your production keystore.

If you created your own keystore using keytool, you must generate SHA1 from that file.

How to Generate Release SHA1 Key in Flutter Using Keytool

If you have a release keystore, run this command:

keytool -list -v -keystore your_release_keystore.jks -alias your_alias_name

Enter your keystore password.

You will see:

SHA1: AA:BB:CC:DD:EE:FF:...

This is your release SHA1 key in Flutter.

You must add both debug and release SHA1 to Firebase.

How to Add SHA1 Key in Firebase Console

After you generate SHA1 key in Flutter:

1. Open Firebase Console
2. Select your project
3. Go to Project Settings
4. Select Android app
5. Scroll to SHA certificate fingerprints
6. Click Add Fingerprint
7. Paste SHA1 key
8. Save

Then download updated google-services.json and replace the old file in:

android/app/

Rebuild your Flutter project.

Common Errors While Generating SHA1 Key in Flutter

Error 1: gradlew not recognized

Solution:
Make sure you are inside android directory before running command.

Error 2: Permission denied on Mac

Run:

chmod +x gradlew

Then try again.

Error 3: Google Sign-In not working

Make sure:

• SHA1 key in Flutter matches Firebase
• You added correct package name
• You downloaded updated google-services.json

Read Articles: How to Deploy Flutter App on Google Play Store in 2026 (Complete Checklist)

Advanced: Generate SHA1 Hash from a String in Flutter

If you want to generate SHA1 hash programmatically in Flutter, use crypto package.

Add in pubspec.yaml:

crypto: ^3.0.0

Example:

import 'dart:convert';
import 'package:crypto/crypto.dart';void main() {
  String input = "Your Input String";
  var bytes = utf8.encode(input);
  var hash = sha1.convert(bytes);
  print(hash.toString());
}

This method generates SHA1 hash from any string, but this is different from app signing SHA1 key in Flutter.

Best Practices for Managing SHA1 Key in Flutter Projects

• Always generate both debug and release SHA1
• Store release keystore securely
• Never commit keystore passwords to GitHub
• Always re-download google-services.json after adding SHA1
• Verify package name matches Firebase

For production apps, release SHA1 is mandatory.

Read Articles: GenUI + Firebase AI in Flutter (2026): Building Dynamic, AI-Driven User Interfaces

Conclusion

Generating SHA1 key in Flutter is an essential step when integrating Firebase and Google services. Whether you are working with Google Sign-In, Phone Authentication, or Maps API, you must generate SHA1 key in Flutter correctly for both debug and release builds.

Using gradlew signingReport is the easiest and safest way to generate SHA1 key in Flutter. Always ensure that your SHA1 fingerprint in Firebase matches your signing keystore.

If configured correctly, your Flutter authentication features will work smoothly in both development and production environments.

Frequently Asked Questions (FAQ)

Read Articles: Flutter for IoT and IIoT : Building Real-Time Smart Device Applications