For Google Play Services to sign in successfully, you need to make sure the apk from where you are logging in should be allowed to make requests to google servers.
Each apk built with a keystore has a SHA fingerprint. You need to make sure the SHA fingerprint is added in the google cloud.
You can fetch it with keytool command (check here on how to get SHA for each environment )
1. Development build uses android default debug keystore.
2. Release build uses the keystore you set in publishing settings of player settings
3. Google play store build which uses google play signing.
So in total 3 environments (dev, release and production). If you want all the above builds to authenticate successfully, add all 3 fingerprints.
1. Debug ( keytool -list -v -keystore "PATH_TO_DEBUG_KEYSTORE" -alias androiddebugkey -storepass android -keypass android)
2. Release (Get from Google play console -> Your App -> Setup -> App signing -> Upload key certificate )
3. Apk/AAb downloaded from Google play store (Get from Google play console -> Your App -> Setup -> App signing -> App signing key certificate )
Google Play Console. Check here for details on how to add a SHA fingerprint.