76

I have integrated my application with Facebook, and for this I am using Facebook's Graph API. I am retrieving profile and friends information. It is working fine on my device which has Android 2.3 (Gingerbread), but recently my client has faced an issue while he is trying to connect to Facebook through my app. He has Android 4.0 (Ice Cream Sandwich) on his device. When he clicks a button on the app that takes him to the Facebook login screen, after login he gets a message:

My app is misconfigured for Facebook login. Press Okay to go back to the application without connecting to Facebook.

Facebook error message

I am not getting what is the problem whether it is related to Android version or what.

How can I fix this problem?

Peter Mortensen
  • 28,342
  • 21
  • 95
  • 123
Arun Badole
  • 10,339
  • 19
  • 65
  • 93
  • 4
    Are you sure it is not related to SSO? I had the same issue where it worked fine when the FB app was not installed, but when the FB app was installed I got the error above. – Christer Nordvik Sep 12 '12 at 12:47
  • 4
    @AB1209, the accepted answer is the incorrect answer to your question. Please see below for my answer, and do not use the accepted answer as your solution. – Jesse Chen Sep 15 '12 at 18:28
  • 2
    @JesseChen, Thank you very much for your guidance. – Arun Badole Sep 17 '12 at 06:30
  • @AB1209 hii can you just unaccept the answer if some body wants to know about that they may do it with the wrong way ... – BBdev Sep 17 '12 at 08:05
  • 1
    Indeed, this error also happens in Facebook's own SDK samples! Go figure. – IgorGanapolsky Nov 05 '12 at 20:40
  • There's an easier way, check out this response: http://stackoverflow.com/a/22568861/570612 – unify Mar 21 '14 at 20:27

18 Answers18

90

I work at Facebook, and this is an important issue that needs to be addressed. The other answer for this question suggests that disabling SSO is very bad and will open up your app to malicious apps that can steal your user's Facebook credentials.

The hack launches a WebView dialog to Facebook without SSO, and the user must type their login credentials into that dialog. Malicious apps can then steal this information easily. It is always advised to implement Facebook SSO correctly to ensure that your app is secure and protect your user's sensitive data.

Prior to adding this error message, the dialog would automatically close without warning and fail silently. We added this error message to visually display that there is an issue with your app configuration in your Facebook app dashboard. For Android, if you check your LogCat, you'll see that after pressing "Okay", there should be an error message that will display a more technical description of what is causing the authentication to fail.

For example, if you use our Hackbook example and did not supply your own APP_ID in the source and did not add your hash key to the dashboard, you'll see this error in LogCat after pressing "Okay" in the native SSO dialog (if Util.ENABLE_LOG is set to true):

D/Facebook-authorize(24739): Login failed: invalid_key:Android key mismatch. Your key "uk3udeH7vrOGNFH2FJjdJbdWJWI" does not match the allowed keys specified in your application settings. Check your application settings at http://www.facebook.com/developers

We added the visual error message to help you. This, in theory, does not break previous implementations if it was implemented correctly to begin with. If you see this error message, that means you did not configure your app settings correctly on your dashboard.
Double check your Android Class/Package name, Android hash keys, etc. You will not see this message if you did everything correctly.

In summary, you are getting that error message because there is an issue with your app configuration, for example, a mismatch between the Android hash keys in your dashboard. Before Facebook added this error message, the dialog would launch, then automatically close and fail. To fix this, check your LogCat for any error messages and make sure that you have everything implemented correctly. You can read up on our documentation to make sure you have everything correct. Do not use the accepted answer for this question.

You can also follow the external bug report that a Facebook developer has reported for more updates.

Peter Mortensen
  • 28,342
  • 21
  • 95
  • 123
Jesse Chen
  • 4,928
  • 1
  • 18
  • 20
  • 5
    Hi, this is Shireesh from Facebook. I agree with Jesse here. Please do not follow the accepted answer here. Its most definitely a settings issue with your app. Do log the error and see the details. It will help you correct the issue on both Android as well as iOS. – Shireesh Asthana Sep 15 '12 at 02:17
  • 1
    FWIW I also had this issue; I resolved it by removing all the hashes and re-building my dev and production keys and adding them to the fb dev portal. +1 for this answer – Nirvana Tikku Sep 15 '12 at 18:51
  • 1
    Issue solved. Than you for the input. I'm new to android development. The solution provided by me, "solves" the problem but offers other problems. – rmcc Sep 17 '12 at 09:18
  • I am getting the same issue as @AB1209, and if the FB app isn't installed on my device, the SSO works in my app just fine, but if it is installed my app gives me that warning too. When I click "Okay" on the FB app, there is no message in logcat. Doesn't this imply that it's a bug with the Facebook app? Also, your 'external bug report' link is broken. – WOUNDEDStevenJones Sep 18 '12 at 20:39
  • When the FB app is installed on the device, SSO goes through the native app rather than opening up a `WebView`. If your app configurations are not set up correctly then native SSO (SSO using the native app) will not work and you will get this error. Make sure you don't have a filter on your logcat. An error message will be logged when you press "Okay". I suggest you go through the Hackbook example and make sure you can get native SSO to work. If you can't, then you need to figure that out before trying to get it to work on your own app. Fixed the link, thanks for reporting. – Jesse Chen Sep 18 '12 at 22:20
  • 1
    Ahhh, I believe my issue was that I only had the release key hash on my Facebook app, but I also needed to include the debug key hash, so when I was running in debug mode it kept giving me that error. Though I never did get logcat to give me that message... – WOUNDEDStevenJones Sep 25 '12 at 22:08
  • You need to set Util.ENABLE_LOG to be true in order for the logcat to be displayed. Glad you found the problem! – Jesse Chen Sep 26 '12 at 00:40
  • 2
    This guy knows what he's talking about. I had this same issue, and found that my token/key/whatever was incorrect due to a bad version of openSSL. once fixed, this message went away. Thanks Jesse! – Evan R. Oct 06 '12 at 00:17
  • 1
    @Jesse Then how do you explain this error happening in FB's SDK samples?? How in the world can we configure those samples on anybody's dashboard?? Here is the error your samples are throwing: "invalid_key: Android key mismatch. Your Key 'HDsaUSngHYxql6lednuuNNps9q4' does not match the allowed keys specified in your application settings. Check your aplication settings at http://www.facebook.com/developers – IgorGanapolsky Nov 05 '12 at 21:00
  • 1
    Igor, the tutorial for our sample apps clearly states to create your own Facebook app and configure the samples in order for it to work (which includes setting up the key hash). see: https://developers.facebook.com/docs/mobile/android/hackbook/ and https://developers.facebook.com/docs/mobile/android/build/#sig – Jesse Chen Nov 06 '12 at 00:22
  • 1
    I set Util.ENABLE_LOG to true but LogCat didn't show me any message or error from facebook SDK. – auy Nov 07 '12 at 11:04
  • @JesseChen - is Facebook doing anything to discourage the kind of implementation you advise against here? I've noticed some high profile Android apps (e.g. Flipboard) that appear to operate this way (forcing the user to enter their Facebook credentials into what appears to be a WebView), and a lot of others following suit. It's worrying to see so many apps making it seem normal to type your Facebook(/Twitter/Google/etc.) credentials in anywhere and everywhere. – Edward Coffey Nov 08 '12 at 01:35
  • Thanks Jesse Chen.. I had the same issue and solved now. Very informative. Thanks alot – Santhosh Nov 27 '12 at 06:24
  • @JesseChen :  Facebook authentication with hash keys seem to have some issues on Kindle Fire when the app is distributed through Amazon store. Can you give your comment on http://stackoverflow.com/questions/14639301/app-is-misconfigured-for-facebook-login-kindle-fire-integration-issue ? – iMysak Feb 02 '13 at 18:12
  • hey @JesseChen ,i am getting same issue, thing is its working me before some days but now its not working. currently its working in emulator but not in device. i change my hashkey yet its not worked. i am using with facebook connector pkg. please help me – Chintan Khetiya Mar 15 '13 at 05:16
  • @Jesse Chen Pls edit your answer...bcoz now your answer is accepted. – vnshetty Mar 27 '13 at 12:21
  • @JesseChen , check my answer... please correct me if i am wrong. – amalBit Jun 19 '13 at 11:26
  • @JesseChen Please check this too http://stackoverflow.com/questions/30612701/ios-facebook-sdk-your-apps-facebook-login-is-broken – iYoung Jun 03 '15 at 09:19
15

Try to set it like this:

First download OpenSSL (if you have a 64-bit machine you must download openssl-0.9.8e X64, not the latest version, openssl-0.9.8k X64, because the output will not be valid). Extract your files, create the folder openssl, for example in C:/ and copy files there.

Find your path to keytoo. Mine is C:\Program Files\Java\jdk1.7.0_05\bin.

Find your path to debug.keystore. YHou can see what is path if you open in Eclipse, menu Window -> Preferences -> Android -> Build, and you will see Default Debug keystore:-and the path.

Find your path to openssl. Mine is C:\openssl8e\bin/.

Open cmd and type:

"C:\Program Files\Java\jdk1.7.0_05\bin\keytool" -exportcert -alias androiddebugkey -keystore "C:\Users\User.android\debug.keystore" | "C:\openssl8e\bin\openssl" sha1 -binary | "C:\openssl8e\bin\openssl" base64

Aand then press Enter.

Insert password: android

You will get your hash key for debug.keystore.

When you export a signed APK, and you create a keystore for the application, just replace in cmd debugkeystore alias with your alias for the app, the keystore path with the path to your newly created keystore for the app and insert the password for your app.keystore, and you will get a new hash key for your signed app.

Peter Mortensen
  • 28,342
  • 21
  • 95
  • 123
androidEnthusiast
  • 1,047
  • 1
  • 11
  • 20
12

The answer from Jesse Chen is fine. Facebooks SDK works fine, don't break it.

I again ran into this problem and found out that the Facebook SDK documentation is corrected and is very fine now. Now it is guiding how to debug and release hash keys can be set; just do as it says.

Below is my old story. There is missing that you can set two hash keys, one for debugging and one for signed, released application for the old Play Store.

I found out that problem was in my case in the Facebook SDK's documentation. It guided us to use the debug key hash and put it in Facebook's app configuration. Hash is guided to get this way:

keytool -exportcert -alias androiddebugkey -keystore ~/.android/debug.keystore | openssl sha1 -binary | openssl base64

This works fine, when you are dubugging or running application from Eclipse.

But, if you publish your application to Andoid Play, you must use your own publisher key to export the signed .apk file. With that .apk, the hash in the Facebook app console is not valid any more! You must get a hash for the developer key like this:

keytool -exportcert -alias <developer alias> -keystore ~/.android/<developer keystore> | openssl sha1 -binary | openssl base64

And put it in the Android Key Hash in the Facebook app console for your published application. After that, SSO works fine again for your signed .apk file.

Peter Mortensen
  • 28,342
  • 21
  • 95
  • 123
Reijo Korhonen
  • 430
  • 3
  • 7
8

From what I could gather, it's a Facebook problem and has been reported. But, the problem persists.

A way around this (tested on 2.3.3) is to hack on the Facebook SDK, seach for the 2 authorize methods and change the DEFAULT_AUTH_ACTIVITY_CODE to FORCE_DIALOG_AUTH. This will disable the Single Sign On feature.

If your prefer got to 

public void authorize(Activity activity, String[] permissions,
            int activityCode, final DialogListener listener)

and disable the startSingleSignOn part. It's preferable not to, because eventually Facebook will solve the problem, and you only have to put the old constant back.

EDIT

This solution raises security problems. Check Jesse Chen answer.

rmcc
  • 695
  • 1
  • 5
  • 14
  • This works thanks.But I hope soon Facebook will resolve the issue. – Arun Badole Sep 13 '12 at 11:43
  • 4
    Hi everyone, I work at Facebook and we do not recommend that you use this hack. It is a security concern and can compromise your user's Facebook credentials. I posted a more thorough answer below. – Jesse Chen Sep 15 '12 at 02:03
5

I faced the same problem, after spending 24 hours and a lot of search we use this method to solve my problem.

  1. Check your Xcode project current bundle identifier for example : com.yourcompanyname.yourappname

  2. use the same com.yourcompanyname.yourappname bundle identifier for creating app in Facebook see attachment.

enter image description here

Flexo
  • 82,006
  • 22
  • 174
  • 256
9to5ios
  • 4,838
  • 2
  • 32
  • 59
3

I had this problem just a few minutes ago myself on 4.0.4 and it seems to have resolved itself.

haupman
  • 59
  • 7
3

Although late, still useful: *Here's the corerct way to do(for debug key, change accordingly for release):*

keytool -exportcert -alias androiddebugkey -keystore "C:\Users\<User>\.android\debug.keystore" > <Drive letter>:\debug.txt
openssl sha1 -binary "<Drive letter>:\debug.txt" > "<Drive letter>:\debug_sha.txt"
openssl base64 -in "<Drive letter>:\debug_sha.txt" > "<Drive letter>:\debug_base64.txt"

The hash is in the last generated file: debug_base64.txt....open it and copy the hash.

Remember to replace "" and with your username and drive letter of your choice

Nitin Bansal
  • 2,774
  • 3
  • 20
  • 27
2

When you create the key hash, you might end up with something which has the equality sign "=" at the end, like ga0RGNYHvNM5d0SLGQfpQWAPGJ8=. While Facebook gladly accepts the equality sign as part of the key hash, you have to remove it in order for it to work.

Additionally, check out the accepted answer to Android Facebook SDK 3.0 gives "remote_app_id does not match stored id" while logging in: when getting the key hash for the debug keystore, use the password "android". Otherwise the key hash will be incorrect and you will get the error specified in the question (be nice and vote up the answer there if it helped you.)

Community
  • 1
  • 1
gnobal
  • 17,853
  • 4
  • 28
  • 34
1

I managed to solve the issue I was having with misconfigured for Facebook on Android by ensuring I had the correct hash key for a release version.

To get the release version hash key, find the key you used to sign the application and do the following, insert the name of your keystore alias (without brackets). If you don't know your alias this can be found by exporting your app as a signed app and the alias is on the second page of the wizard. Also insert the path to your keystore (without brackets).

keytool -exportcert -alias [Alias of your keystore] -keystore [Path to keystore] | openssl sha1 -binary | openssl base64
Peter Mortensen
  • 28,342
  • 21
  • 95
  • 123
Jonathan Ogle-Barrington
  • 784
  • 1
  • 8
  • 29
1

Regarding apps signed with OWN keystore: After spending several hours solving this issue, I finally got it and want to provide an answer for those who are still suffering:

My steps: I signed my app via eclipse with my own keystore file (NOT debug.keystore). Via command line and known commands (keytool -exportcert -alias -keystore ~/.android/ | openssl sha1 -binary | openssl base64) I successfulluy received the key hash. Pasted the key hash in the dev dashboard,waited a few mins -> Still the same ERROR (as specified in the question above). i tried several differend keytools, on several jdks, etc... nothing changed.

Solution: I turned on debuggable in manifest, turned on debugging in facebook sdk. then i signed the apk with my own keystore and uploaded it on real device. i connected device via usb and opened DDMS perspective to see logcat on device.
I started my app and let the error message occur. It prints out a key totally different from the key generated by keytool. I took this key from logcat, pasted it to dev dashboard and voila -> EVERYTHING WORKS

I still don't know why this happens or what is causing the wrong key, but this way it works for me.

Niklas Mencke
  • 31
  • 1
  • 5
1

On Debian system like ubuntu use the keytool of java found under directory /usr/lib/jvm/jdk*.*.*/bin/keytool and generate like this

/usr/lib/jvm/jdk1.7.0/bin/keytool -exportcert -alias androiddebugkey -keystore ~/.android/debug.keystore | openssl sha1 -binary | openssl base64

This way you get the authentic hash key that can be put under your app hash of facebook.

laaptu
  • 2,852
  • 5
  • 27
  • 49
1

Usually this problem could be solved with two check:

  • flag in the facebook console to publish live the facebook configuration
  • api key mismatches
aorlando
  • 662
  • 5
  • 20
0

I did a Toast for exceptions and found it throws a key mismatch exception today added the key in the FB app page and it works fine

Akshay
  • 2,452
  • 3
  • 33
  • 51
Hari
  • 1
  • 1
0

I got the same error a few days ago. In my case it was due to an Android key mismatch. Here is how I fixed it if it may help you too:

Open Util.java in the Facebook SDK, set private static boolean ENABLE_LOG = true;. Now run your app and enter your email id and password. Facebook sends back a signature if there's a key mismatch. You'll find this key (signature) in LogCat. Just copy this key and paste it in the app dashboard. That should fix the problem. Remember to set private static boolean ENABLE_LOG = true; back to false.

Peter Mortensen
  • 28,342
  • 21
  • 95
  • 123
Srinivas Kattimani
  • 328
  • 3
  • 11
0

Also encountered this issue.

Simply go to the Facebook developers getting started page here

and follow step 4 - the thing with the command line.

Worked for me.

Enjoy.

Michael Assraf
  • 101
  • 2
  • 3
0

I just had the same problem and the solution turned out to be super simple. When I created the app in the dashboard, I only had added the key hash for the android debug keystore. This all works fine if you install the app as a developer via a USB cable in this case.

Once you have an app in the Play Store, you will use a production key to sign the app. This also means, that you have to get the key hash of the production key like for the debug key and add it as a second hash to the list of native app hashes.

just to remember you how the key hash works: keytool -exportcert -alias -keystore ~/keys/android_keystore | openssl sha1 -binary | openssl base64

Hope that helps!

Sven Haiges
  • 2,558
  • 5
  • 37
  • 52
0

I had a similar problem, but for iOS.

The solution is to do with configuring the Facebook app on the Facebook developer daskboard.

For iOS, 2 things must be done:

  1. Enabled Facebook Login

  2. Bundle ID must be the same as the app

samwize
  • 21,403
  • 14
  • 118
  • 171
0

It's a keystore issue..configure your eclipse to use the same keystore for which app was configured for.

oneConsciousness
  • 282
  • 2
  • 7
  • Why does it use the debug.keystore keyhash? Once the app is released, isn't it supposed to use the keyhash from the keystore file used to sign the application? – Rameez Hussain Dec 18 '12 at 11:18