Google SMS Retriever API not retreiving SMS messages

sms retriever api react-native
sms retriever api flutter
https developers google com identity sms retriever verify
google sms authentication
otp (token) should be automatically read from the message
sms retriever api ionic
android sms verification
android sms api

I'm trying to use Google's SMS Retriever API for Automatic SMS Verification. I have followed the directions here but my app is not receiving any SMS messages. Here is what I've done:

I've added the code in my activity to start the SMS retriever client:

    val client = SmsRetriever.getClient(this)
    val retriever = client.startSmsRetriever()
    retriever.addOnSuccessListener {
        Log.i("loginActivity", "started smsretriever")
    }

    retriever.addOnFailureListener {
        //Problem to start listener
    }

From the logs, I see this starts successfully. Then I add my broadcast receiver with this onReceive:

override fun onReceive(context: Context, intent: Intent) {
    if (SmsRetriever.SMS_RETRIEVED_ACTION == intent.action) {
        val extras = intent.extras
        val status = extras.get(SmsRetriever.EXTRA_STATUS) as Status

        when (status.statusCode) {
            CommonStatusCodes.SUCCESS -> {

            }
            CommonStatusCodes.TIMEOUT -> {

            }
    }
}

This only triggers when a TIMEOUT event is sent 5 minutes after the SMS retriever client starts. It never triggers for SMS messages.

Finally, I've registered the receiver in the Manifest:

<receiver android:name=".receiver.SMSReceiver" android:exported="true">
        <intent-filter>
            <action android:name="com.google.android.gms.auth.api.phone.SMS_RETRIEVED"/>
        </intent-filter>
    </receiver>

In terms of the text message, I am sending myself this SMS message: "<#> Your code is: 123456 verification hash: "

Any idea what I'm doing wrong?

Maybe your message has wrong construction, please check this link: SMS Retriever API. At the first point, your text message must be begin with <#> or [#]. And at the 4th point, Your text message must be-"End with an 11-character hash string that identifies your app"

I have the same issue and that points is my awareness, solve by adding <#> in begining and hash string at the end.

SMS Verification APIs, By using the SMS Retriever API, your app can automatically retrieve verification codes intended for your app, without having to request full SMS reading  Verify your users by SMS without making them deal with verification codes. By using the SMS Retriever API, your app can automatically retrieve verification codes intended for your app, without having to request full SMS reading permissions. Or, use the SMS User Consent API to get one-time permission to retrieve a single verification code.

Register the BroadcastReceiver inside SmsRetrievers addOnSuccessListener callback method, don't register in Manifest file.

val client = SmsRetriever.getClient(this)
        val retriever = client.startSmsRetriever()
        retriever.addOnSuccessListener {
            val listener = object : SMSBroadcastReceiver.Listener {
                override fun onSMSReceived(otp: String) {
                    Log.d("AppSignatureHelper",otp)
                    Toast.makeText(context, otp, Toast.LENGTH_SHORT).show()
                }

                override fun onTimeOut() {
                    Log.d("AppSignatureHelper","Timed Out.")
                }
            }
            smsBroadcastReceiver.injectListener(listener)
            registerReceiver(smsBroadcastReceiver, IntentFilter(SmsRetriever.SMS_RETRIEVED_ACTION))
        }
        retriever.addOnFailureListener {
            Log.d("AppSignatureHelper","Problem to start listener")
            //Problem to start listener
        }

Listener Interface is.

 interface Listener {
        fun onSMSReceived(otp: String)
        fun onTimeOut()
    }

Automatic SMS Verification with the SMS Retriever API, As time passes android is getting better in all means for example Following are the mandatory libraries to integrate SMS Retriever API into your project. From now not every app with READ SMS permission can access  In your whole application you are not using that SMS reading feature again. It is waste of the resources and time and code to check the SMS permission. Here Google came to save you with the SMS retriever API. This api allows to retrieve the OTP without needing of the SMS permission in your application.

Two problems I faced when I was trying to get this to work:

1) The SMS message needs to be well-formatted. You might think 'ok, I got it' but in my case I had more than one line break between the first line of the SMS and the signature hash key. Make sure you strictly follow this pattern:

<#> Your xy verification code is 123456
FA+9qCX9VSu

2) Make sure you're using the right hash key. Android will not call the onReceive method unless your signature hash in the SMS message matches the one from the running app. Why I say this? You will have different hashes on your local debug version and the version deployed in the store. One point to mention here is that google can take over the signing part for you once you upload the apk to google console.

Hope this helps... my two days are wasted now.

Android automatic SMS verification, In October, Google has announced updates to improve the user's privacy that will limit The data retrieved from it cannot be sold, transferred or used for marketing purposes. One alternative, is to use the SMS Retriever API. When the user's device receives the SMS message, Google Play services uses the app hash to determine that the message is intended for your app, and makes the message text available to your app through the SMS Retriever API. Your app parses out the one-time code from the message text and sends it back to your server.

I did the same way and it was perfectly working for me. Most likely that your application hash is wrong.

Secure Android OTP & Account Verification using the SMS Retriever , In your whole application you are not using that SMS reading feature again. Here Google came to save you with the SMS retriever API. This api allows to retrieve the OTP without needing of the SMS permission in your  From Device Settings Backing Up Messages to Google Drive. On your Android smartphone, you can take a backup of almost all kinds of data. By default, when you take a backup of your device, SMS text

I faced the same problem recently.

I figured out the problem was that I was using the production Keystore hash for testing in debug mode.

If you're running in debug mode, make sure to use the default keystore used to sign the debug apk.

The default debug keystore location is $HOME/.android/debug.keystore

As per the app-sign documentation:

When running or debugging your project from the IDE, Android Studio automatically signs your app with a debug certificate generated by the Android SDK tools. The first time you run or debug your project in Android Studio, the IDE automatically creates the debug keystore and certificate in $HOME/.android/debug.keystore, and sets the keystore and key passwords.

I recently wrote a blog post about this, check it out for more details.

Google's SMS retriever API (making OTP verification pain free), The Android app needs SMS receive/read permission to retrieve SMS content. And rest of the app does not use SMS reading feature again. To solve this problem, Google has introduced SMS Retriever API, this API allows  SMS-Retriever-API-Demo This is the demo of the newly launched SMS retriever API, which eliminates the need of SMS permission just for your app specific needs, Like user number verification. This API allows a time frame up to 5 minutes and when your application specific SMS arrives it matches the predefined Hash.

Android SMS Retriever​ API: To Auto Verify SMS – Josh Software, At its I/O this year, Google introduced their SMS Retriever API–a new way to automatically retrieve one-time passcode (OTP) SMS messages on supported Android devices without This verification mode is only available for Android, not iOS.

App Verify Now Offers SMS Retriever—Even Lower Friction During , Twilio provides an easy-to use API for sending and receiving SMS messages with a global reach. and then Verify will tell your code whether or not that code matches the one that was sent. It will also need to have Google Play Services 10.2 or above. Integrating the SMS Retriever API into your Android Application.

App Verification with Twilio SMS, I worked on SMS Retriever API for verification screen of arabam.com application After many attempts, I learned that this cannot be done in Turkey. After all that, I opened an issue to Google Issue Tracker for this but I didn't 

Comments
  • Have you set up your server properly ? Check github.com/googlesamples/android-credentials/tree/master/… this for full example
  • I don't have a server setup. I am manually sending the message to my device from a different device. I didn't read anything that said having a server was necessary for testing. I didn't read anything that said it mattered where the text originates from.
  • I followed all the steps in the link you gave. I added the google-services.json file, added my app to firebase, and made sure my hash code was right. Still no luck
  • You definitely need a server .If you don't have one try setting up with firebase. Try this firebase.google.com/docs/auth/android/phone-auth . This is the 2nd point from the link you shared "Your app makes a request to your server to verify the user's phone number".
  • @sadelbrid Have you solved this problem?
  • Then, there is a possibility for issue in configuration, use onConnected method in GoogleApiClient.ConnectionCallbacks. And also ensure that you have generated proper hash message. Ex : <#> Your code is: 123ABC78 FA+9qCX9VSu