Question 76460 in Flutter Question posted in
The official Flutter documentation can be found here.

Validate phone authentication without showing the Recaptcha on Android in February 2023 (Firebase) – Flutter

I developed an app with Flutter and Firebase that uses the phone authentication feature for Android and IOS. Everything works as expected except that the recaptcha is showing for Android.

To solve this, it says in the documentation that we need to use SafetyNet, however, it is impossible now to enable it from Firebase AppChecker since it’s deprecated. I have been using the new Play Integrity API that is supposed to replace SafetyNet but it doesn’t seem to work at the moment (the recaptcha is visible).

If someone has a solution, please share it!
Thank you in advance for your time 🙏

Tags:

3

Answers


  1. 0

    You’re right: the SafetyNet API is deprecated and cannot be used for newly created projects after 31 January 2023.

    Unfortunately, the Play Integrity API cannot handle OTP authentication at the moment. The Google Support wrote me:

    […] Please note that Firebase Phone Authentication (OTP) has not yet been featured for Play Integrity API yet.

    The solution is to further use the SafetyNet Attestation API. You have to apply for this. The process took around three weeks for my project.

    If you got approved, you have to go to the library page in your Google API Console and activate the "Android Device Verification API".

    With the following project setup it should work and you shouldn’t see the recaptcha anymore:

    • Google Cloud Console: Link your app via App Integrity with the Google Play Integrity API
    • firebase project –> App Check –> Select your Android app –> Link it with the Play Integrity API
    • Enable Android Device Verification API after successfully applying for it

    Note: the process is independent of using Flutter and is the same for e.g. also React Native or Android projects.

    Login or Signup to reply.
  2. 0

    I faced a lot of issues with Google Authentication Service. Sometimes, OTPs don’t come through properly. My suggestion is to go for third-party API services instead, as this can lead to less code. Some of the third-party phone authentication services include:

    2 Factor

    Text Local

    These services offer phone authentication solutions and can be used as alternatives to Google Authentication Service.

    Login or Signup to reply.
  3. 0

    I was having a similar challenge but this was happening during development however, after deploying it to playstore it stopped. Firebase phone authentication is not suppose to require reCAPTCHA but if you experiencing this then probably:

    1. You making too many request with that number within a short period.
      Solution: Whitelist the number you using for the authentication when in development.
    2. You are using a phone number that is frequently used for spam or abuse, Firebase may require a reCAPTCHA challenge to ensure that the verification request is legitimate.
      Solution: Use a different number for the authentication.
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search