Google One Tap login and Google Sign In require OAuth 2.0 client ID configuration in the background, although you may not have explicitly used it. Ensure that your OAuth 2.0 client ID configuration in Google Cloud Console matches the signing certificate (SHA-1) used for Google Play App Signing. Update your OAuth configuration to ensure that the package name and signing certificate are correct. I encountered the same problem, the key point being the difference in signature certificates. When you upload AAB to Google Play, Google Play will use its own signature certificate for signing, and you may have used a different signature certificate during development. Therefore, ensure that the OAuth 2.0 client ID configured in Google Cloud Console uses the correct SHA-1 signing certificate (i.e. the certificate used by Google Play), rather than the certificate generated locally.