The Home APIs uses OAuth 2.0 to grant access to devices in the
structure. OAuth allows a user to grant permission to an app or service without
having to expose their login credentials.

If you already have a verified OAuth client (for example, from an already
published app), you can use that client to test the Home APIs without setting up
a new one. For more information, see [If you have an existing OAuth
client](https://developers.home.google.com/apis/android/oauth#existing).

## Sign the app

First, generate a debug certificate by running your app in
Android Studio.
When you run or debug an app in Android Studio, it
automatically generates a debug certificate intended for development and
debugging.
See [Android Studio: Sign your debug
build](https://developer.android.com/studio/publish/app-signing#debug-mode)
for a complete explanation.

Once the app is running:

1. Connect your mobile device to your local machine.
   Android Studio will list
   your connected devices by model number. Select your device from the list,
   then click *Run project*. This builds and installs the Sample App on your
   mobile device.

   For more detailed instructions, see [Run apps on a hardware
   device](https://developer.android.com/studio/run/device)
   on the Android Developers site.
2. Stop the running app.

3. Get the debug certificate's SHA-1 fingerprint by following the instructions
   detailed in [Setting up OAuth 2.0 / Native applications /
   Android](https://support.google.com/cloud/answer/6158849#zippy=%2Cnative-applications%2Candroid:%7E:text=input%20device%20flow.-,Android,-Note%3A%20Currently%2C%20obtaining)
   on the Google Cloud Console Help site.

   <br />

   | **Tip:** To determine the location of your project's keystore in either Android Studio 2024.2.1 ('Ladybug') or later:
   | 1. In **Settings** \> **Experimental** , make sure **Configure all Gradle tasks during
   |    Gradle Sync** is selected.
   | 2. Open the Gradle Tool Window.
   | 3. Select your project.
   | 4. Expand the Gradle settings tree starting from **app** ( **app** \> **tasks** \> **android** ).
   | 5. Under **android** , select **signingReport** .  
   |    ![Screenshot of expanded project Gradle configuration tree](https://developers.home.google.com/static/apis/images/android-studio-project-gradle-configuration.png)
   | 6. The Signing Report appears in the lower panel. Look for the line that starts with **Store** . This tells you the location of the `debug.keystore` file.

   <br />

## Set up the OAuth consent screen

1. In the Google Cloud console, go to the [project selector dashboard](https://console.cloud.google.com/projectselector/home/dashboard) and select the project that you want to use to create OAuth credentials.
2. Go to the **APIs and Services** page, and click **Credentials** in the navigation menu.
3. If you haven't yet configured your consent screen for this Google Cloud
   project, the **Configure consent screen** button appears. In that case,
   configure your consent screen using the following procedure. Otherwise, move
   on to the next section.

   1. Click **Configure consent screen** . The **OAuth consent screen** page displays.
   2. Depending on your use case, select **Internal** or **External** , and then click **Create** . The **OAuth consent screen** pane displays.
   3. Enter information on the **App information page** according to the on-screen instructions, and then click **Save and continue** . The **Scopes** pane displays.
   4. You don't need to add any scopes, so click **Save and continue** . The **Test users** pane displays.
   5. Click **Audience** and click the **+ ADD USERS** button.
   6. Enter your test user email address and click the **SAVE** button.
   7. Click **Save and continue** . The **Summary** pane displays.
   8. Review your OAuth consent screen information, and then click **Back to
      dashboard**.

See [Setting up your OAuth consent
screen](https://support.google.com/cloud/answer/10311615#user-type&zippy=%2Ctesting%2Cexternal%2Cinternal)
on the Google Cloud Console Help site for full details.

## Register the app and create credentials

To register the app for OAuth 2.0 and create OAuth credentials, follow the
instructions provided in
[Setting up OAuth 2.0](https://support.google.com/cloud/answer/6158849).
You'll need to indicate the app type, which is **native/Android app**.

Add the SHA-1 fingerprint you got from [signing the app](https://developers.home.google.com/apis/android/oauth#sign_the_app) to the
OAuth client you set up on the Google Cloud console by following the
instructions in
[Setting up OAuth 2.0 / Native applications](https://support.google.com/cloud/answer/6158849#zippy=%2Cuser-consent%2Cpublic-and-internal-applications%2Cnative-applications%2Candroid:%7E:text=Web%20applications-,Native%20applications,-If%20your%20application)
on the Google Cloud Console Help site.

With your mobile device connected to your local machine, select your device from
the list, then click **Run project** again to run it. For more detailed
instructions, see
[Run apps on a hardware device](https://developer.android.com/studio/run/device)
on the Android Developers site.

## If you have an existing OAuth client

If you already have a verified OAuth client for a published app,
you can use your existing OAuth client to test the Home APIs.

Google Home Developer Console registration is not required to test and use the Home APIs.
However, you will still need an approved
Developer Console registration to publish your app, even if you have a
verified OAuth client from another integration.

The following considerations apply:

- There is a 100-user limit when using an existing
  OAuth client. For information about adding test users, refer to
  [Set up the OAuth consent
  screen](https://developers.home.google.com/apis/permissions#set_up_the_oauth_consent_screen).
  Independent of OAuth verification, there is a Home APIs-imposed
  limit of 100 users who can grant permissions to your application.
  This limitation is lifted upon
  completion of Developer Console registration.

- Developer Console
  registration should
  be sent for approval when you are ready to restrict device-type grants
  through OAuth in preparation for updating your app with the Home APIs.


  | **Important:** The Google Home Developer Console is not yet available for registration.

  <br />

For Google Cloud apps that are still pending OAuth verification,
users can't complete the OAuth flow until verification is complete. Attempts to
grant permissions will fail with the following error:  

    Access blocked: <Project Name> has not completed the Google verification process.