Signing applications with a digital certificate before releasing them to the public helps to protect the integrity and security of your app, as well as establish your identity as the developer.

In the world of Android development, the Gradle build tool provides a convenient way to manage the signing process for your apps: one useful feature of Gradle is the signingReport task, which allows you to generate a report that lists all of the signing configurations for your app.
This might become useful whenever you need to get the SHA-1 or SHA-256 of your signing key to authenticate against a service.

To use the this task, simply navigate to your project’s root directory in the terminal and run the following command:

./gradlew signingReport

The generated report includes information such as the signing configuration used for each variant, the location of the signing artifacts, and the SHA fingerprints of the signing certificates.

Another benefit of using this task is that it can help you identify any issues with your signing configuration: for example, if you see a variant listed in the report that is not properly signed, you can use the information provided in the report to troubleshoot the issue and get your app properly signed.