Our game Mahjong Quest (com.hashcube.mahjongfree) has been facing an issue where it only lets users sign in as a guest. This only happens on the live app (maybe after amazon signs the apk) and not in our in house release apks (the ones that we submit to amazon).
We raised an issue with amazon and they suggested we use a new api key and generate a new security profile key using an MD5 certificate instead of SHA256.
This is what they wrote:
If you look through your log output, you might see that the app is probably throwing this error:
to decode: Decoding fails: certificate fingerprint can't be verified!
W/com.amazon.identity.auth.device.appid.APIKeyDecoder(10756): Unable to decode APIKEy for pkg=com.amazon.ags.app
GameCircle is not able to initialize because the APIKEY cannot be verified and is incorrect. Please provide the correct APIKEY or regenerate a new one for the app. If you haven't generated one, this is the guide for doing so: https://developer.amazon.com/public/apis/engage/gamecircle/docs/create-a-gamecircle-configuration#GenerateAPIKeys
Go to the "Generate API Keys" step for what to do and this will resolve the issue.
This log did not appear in our app, but we regenerated one anyway and it did not work
If you verified that the above is correct, there might be a different, but related problem. There was a bug in the way support for SHA256 was added in Dev Portal, and it looks like this might be the reason for this problem. The issue has been fixed. However it would require a step on your side. The solution would be to generate a new api_key using an MD5 hash, and embed it into your app. Hopefully this should solve the issue.
We tried to do this as well but it still did not affect the issue
We are trying to figure this out as well, and wrote to amazon twice after this but we haven't got a reply. GameCircle was working fine earlier for us. We suspect it's an issue with a mismatch after amazon signs the apk but need more hints to solve the issue.