AI-generated Key Takeaways
- 
          To use Google Fit for Android, an OAuth 2.0 client ID linked to your app's certificate/package pair is required. 
- 
          You need your app's SHA-1 fingerprint from either a debug or release certificate to request an OAuth 2.0 client ID. 
- 
          The keytoolprogram is used to display the SHA-1 fingerprint of your app's certificate.
- 
          Requesting an OAuth 2.0 client ID involves finding certificate information, creating or modifying a Google API Console project, and requesting the ID within the console. 
Overview
To use the Google Fit for Android, you need an OAuth 2.0 client ID for Android applications.
All Android apps are signed with a digital certificate for which you hold the private key. Refer to the Android guide to signing your applications for more information about digital certificates.
Android OAuth client IDs are linked to specific certificate/package pairs. You only need one ID for each certificate, no matter how many users you have for the app.
Getting an ID for your app requires several steps. These steps are outlined below.
- Find your app's certificate information.
- Create or modify a project in the Google API Console.
- Request an OAuth 2.0 client ID.
Find your app's certificate information
The API key is based on a short form of your app's digital certificate, known as its SHA-1 fingerprint. To display the SHA-1 fingerprint for your certificate, first ensure that you are using the right certificate. You may have two certificates:
- A debug certificate: The Android SDK tools generate this certificate automatically when you do a debug build. Only use this certificate with apps that you're testing. Do not attempt to publish an app that's signed with a debug certificate. The debug certificate is described in more detail in Signing in Debug Mode in the Android Developer Documentation.
- A release certificate: The Android SDK tools generate
  this certificate when you do a release build. You can also generate this
  certificate using the keytoolprogram. Use this certificate when you are ready to release your app to the world.
Follow the steps below to display a certificate's SHA-1 fingerprint using
  the keytool program with the -v parameter. For more
  information about Keytool, see the
  Oracle documentation.
Displaying the debug certificate fingerprint
- Locate your debug keystore file. The file name is - debug.keystore, and is created the first time you build your project. By default, it is stored in the same directory as your Android Virtual Device (AVD) files:- macOS and Linux: ~/.android/
- Windows Vista and Windows 7:  C:\Users\your_user_name\.android\
 
- macOS and Linux: 
- List the SHA-1 fingerprint: - For Linux or macOS, open a terminal window and enter the following: - keytool -list -v -keystore ~/.android/debug.keystore -alias androiddebugkey -storepass android -keypass android 
- For Windows Vista and Windows 7, run: - keytool -list -v -keystore "%USERPROFILE%\.android\debug.keystore" -alias androiddebugkey -storepass android -keypass android 
 
You should see output similar to this:
Alias name: androiddebugkey Creation date: Jan 01, 2013 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=Android Debug, O=Android, C=US Issuer: CN=Android Debug, O=Android, C=US Serial number: 4aa9b300 Valid from: Mon Jan 01 08:04:04 UTC 2013 until: Mon Jan 01 18:04:04 PST 2033 Certificate fingerprints: MD5: AE:9F:95:D0:A6:86:89:BC:A8:70:BA:34:FF:6A:AC:F9 SHA1: BB:0D:AC:74:D3:21:E1:43:07:71:9B:62:90:AF:A1:66:6E:44:5D:75 Signature algorithm name: SHA1withRSA Version: 3
Displaying the release certificate fingerprint
- 
    Locate your release certificate keystore file. There is no default location or name for the release keystore. If you don't specify one when you build your app for release, the build will leave your .apkunsigned, and you'll have to sign it before you can publish it. For the release certificate, you also need the certificate's alias and the passwords for the keystore and the certificate. You can list the aliases for all the keys in a keystore by entering:keytool -list -keystore your_keystore_name Replace your_keystore_namewith the fully-qualified path and name of the keystore, including the.keystoreextension. You'll be prompted for the keystore's password. Thenkeytooldisplays all the aliases in the keystore.
- 
    Enter the following at a terminal or command prompt: keytool -list -v -keystore your_keystore_name -alias your_alias_name Replace your_keystore_namewith the fully-qualified path and name of the keystore, including the.keystoreextension. Replaceyour_alias_namewith the alias that you assigned to the certificate when you created it.
You should see output similar to this:
Alias name: <alias_name> Creation date: Feb 02, 2013 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=Android Debug, O=Android, C=US Issuer: CN=Android Debug, O=Android, C=US Serial number: 4cc9b300 Valid from: Mon Feb 02 08:01:04 UTC 2013 until: Mon Feb 02 18:05:04 PST 2033 Certificate fingerprints: MD5: AE:9F:95:D0:A6:86:89:BC:A8:70:BA:34:FF:6B:AC:F9 SHA1: BB:0D:AC:74:D3:21:E1:43:67:71:9B:62:90:AF:A1:66:6E:44:5D:75 Signature algorithm name: SHA1withRSA Version: 3
The line that begins with SHA1 contains the certificate's SHA-1
  fingerprint. The fingerprint is the sequence of 20 two-digit hexadecimal
  numbers separated by colons.
Request an OAuth 2.0 client ID in the Google API Console
Follow these steps to create or modify a project for your app in the Google API Console, enable the Fitness API, and request an OAuth 2.0 client ID.
If you want to be guided through the process and activate the Fitness API automatically, click
Alternatively, follow these steps to enable the Fitness API in the Google API Console and get an OAuth 2.0 client ID.
- Go to the Google API Console.
- Select a project, or create a new one. Use the same project for the Android and REST versions of your app.
- Click Continue to enable the Fitness API.
- Click Go to credentials.
- Click New credentials, then select OAuth Client ID.
- Under Application type select Android.
- In the resulting dialog, enter your app's SHA-1 fingerprint and package name. For example: - BB:0D:AC:74:D3:21:E1:43:67:71:9B:62:91:AF:A1:66:6E:44:5D:75- com.example.android.fit-example
- Click Create. Your new Android OAuth 2.0 Client ID and secret appear in the list of IDs for your project. An OAuth 2.0 Client ID is a string of characters, something like this: - 780816631155-gbvyo1o7r2pn95qc4ei9d61io4uh48hl.apps.googleusercontent.com
