Persistent Cloud Anchors sample app - Failed to host a Cloud Anchorwith error ErrorNotAuthorized. Happens for keyless authentication

[ghost]

Your persistent cloud anchor app does not work. Fix it and update the sample app. I already tried the two apps I made using Sceneform and ARCore+OpenGL in Android Studio and I was able to host keyless anchors for 365 days without running into any error.

My Unity version is 2020.3.8f1 and I am using the recommended Gradle version. I even used the Gradle version recommended here but I get the same error. I followed the tutorial steps here but instead of using a key, I set it to keyless (because I want to host anchors for 365 days).

[devbridie]

I can't seem to reproduce this problem; here are the steps I followed:

1. Get the persistent cloud anchor sample app to work by following various instructions on the quickstart and build for Android 11.
2. Verified that the project does NOT work, as I did not configure any Google Cloud Platform settings.
3. In a new GCP project, I created a OAuth 2.0 client ID (and configured an OAuth consent screen), using package name from Player Settings > Android > Other Settings > Package Name and SHA values from keytool -keystore ~/.android/debug.keystore -list -v.
4. Enabled the ARCore Cloud Anchor API in GCP.
5. Rebuilt and ran the Persistent Cloud Anchor sample app. This time, I was able to host an anchor.

Make sure that the apk you're running matches the SHA-1 cert fingerprint listed in the Google Cloud console using Android/sdk/build-tools/30.0.1/apksigner verify --print-certs built-unity-game.apk.

I'm also using gradle-6.8.3, but I don't think that should matter (posting just in case)

[ghost]

I already have two other apps (made using Android Studio) that are using the same OAuth 2.0 client (I run only one of them at a time). I thought that was an issue, so I made a new one and assigned it a new name but it had the same SHA key as the previous OAuth 2.0 client (obtained by running keytool -keystore ~/.android/debug.keystore -list -v). Could that be causing an issue? Should I create a new keystore and get a new SHA Key for that and try again?

[ghost]

@devbridie you seem to have done the steps on ubuntu and not Windows 10. I created a new OAuth2.0 client (what do you mean by configuring the OAuth consent screen?) and set the SHA-1 key. Do I also need to set the keystore inside Unity3d?

[devbridie]

I think Unity should use the default debug keystore for Build And Run builds (~/.android/debug.keystore, %USERPROFILE%\.android\debug.keystore on Windows, I think), but you could try creating and assigning a new keystore in Publishing Settings and using that SHA-1 key in the cloud console instead.

[ghost]

I created a new keystore and added it in the Publishing Settings and added the new key to the cloud console as well but I still get the same error.

[devbridie]

what do you mean by configuring the OAuth consent screen?

I'm referring to this part (though you've probably already done it already):

More troubleshooting; double checking all bases here:

• https://console.cloud.google.com/apis/library/arcorecloudanchor.googleapis.com shows "API Enabled"?
• And clicking "Manage" and then "Credentials" shows a configured Client ID?
• And the Package name listed in this OAuth client coincides with an app you can find in adb shell pm list packages ?
• And this installation of the app was definitely signed using the keystore you created before?
  • Check by uninstalling the app,
  • Creating a new build of the app apk,
  • Confirm the SHA1 of the APK matches the value in console (apksigner verify --print-certs built-unity-game.apk).
  • Install the app using adb install built-unity-game.apk