Issue with Facebook Key Hashes for the Android Application

During the last three months I have been working as a developer for a consulting android project. It is actually my first commercial experience (I do not count written demo examples at my previous work) and I found it extremely interesting, though a quite confusing at some moments.

The following article describes an observed problem with the facebook key hashes for the android application. To describe the problem and its solution, let’s define a simple use case.

Let’s assume we have an android application and want to integrate it with Facebook. The integration steps are available here (link to facebook) and we just follow it step by step. However, when we compile, deploy and run our application the first time, the following FacebookOperationCanceledException exception is raised up:

com.facebook.FacebookOperationCanceledException: remote_app_id does not match stored id

That is it about the use case. To be honest, the exception has got me in a tight corner and I spent at least a few hours to figure out what the heck is going wrong with the application id. Where did I get the exception? Check the following code that opens the active facebook session:

private void openFBSession() {
	Session.openActiveSession(this, true, new Session.StatusCallback() {

		public void call(Session session, SessionState state, Exception exception) {
			// some code

When the SessionState object is CLOSED_LOGIN_FAILED, the exception object become initialised.

The most confused part about the exception is its message. As you can see in the Getting Started with the Facebook SDK for the Android article, every registered application on facebook has the App ID and in case with the android integration, developers have to define the app_id value in the strings.xml file as shown in the step 6 (Link to the SDK project and configure the Facebook app ID). So, I checked the application id twice and no problems were found. I checked all article steps one more time. No luck. Fortunately, I had enough time to play around and I have begun my research.

As you can see, the step #2 of the facebook article requires to install the Facebook SDK for Android and the Facebook APK on the device. I removed the APK, ran my application one more time and tried to login with Facebook once again. No exception was thrown. What is the difference? Well, when you run your application without the installed Facebook APK, your app does not work natively and when you try to run it, you may see something similar in LogCat:

03-04 21:12:05.126: D/FacebookSDK.WebDialog(1882): Webview loading URL:…

Actually, it was a sign. Definitely, there was a problem with some native application settings. I installed the Facebook APK one more time and returned to the facebook application settings. The Native Android App section of the facebook application settings has not too many parameters, yet the Key Hashes description is interesting:

Your app key hash is required for Facebook Login in order to perform security check before authorizing your app. You can add more than one Key Hashes in case your app is supported on multiple Android platforms.

I returned to the step #4 (Generating the key hash on the local computer) and regenerated the hash one more time. Again, no luck yet I was sure that something was wrong exactly with this part. I added the key hash to the settings based on the terminal output, however, I was wondering how I can see this key hash at runtime. The following code snippet brought to the console exactly what I looked for:

try {
	PackageInfo info = getPackageManager().getPackageInfo("com.myapp", 
	for (Signature signature : info.signatures) {
		MessageDigest md = MessageDigest.getInstance("SHA");
		Log.i("Digest: ", Base64.encodeToString(md.digest(), 0));
} catch (NameNotFoundException e) {
	Log.e("Test", e.getMessage());
} catch (NoSuchAlgorithmException e) {
	Log.e("Test", e.getMessage());

As it was expected, the key was not the same that the following terminal command gave me:

keytool -exportcert -alias androiddebugkey -keystore ~/.android/debug.keystore | openssl sha1 -binary | openssl base64

I copied the key hash from LogCat, updated the Key Hashes value in the application settings and tried to login. Bingo! Finally, I received the successful result.

Well, unfortunately I did not get why the problem raised but it was solved anyway. I googled the exception in case to find what the problem root was. No luck, though I found the same solution on stackoverflow.

Hopefully, I will understand the problem deeply a little later when I become more familiar with android.

Category: Android, Android, Development, Java


Comments are closed.