I have an existing app in play-store that still hasn't opted-in for app-signing by google play.
Recently we have the intention to use AppBundle but this requires app-signing by google play to be turned on.
Because we can't afford signing user out and we are storing their accessToken in the SharedPreference; One particular question got me worry in the migration process on existing user's devices:
since the new apk will be signed with a different key, does that mean, if my app has
androidBackup="false"defined in theAndroidManifest.xml, user will lose all their local stored files(sharedPref, database, etc)? If not, how google managed to prevent this?we restrict usage of our Google Cloud API by setting the package-name and signing key SHA-1 pairing. does that mean I can only figure out the new signing key once I publish to the playstore?
When you enroll in App Signing by Google Play, you will be asked to upload your private key (encrypted) so that Play can sign APKs on your behalf with the same key. So there will be no difference for your end users, they will receive an APK signed with the same key, and thus backups will not be affected.
This should answer your second question as well: there is no new signing key, it's still the same, thus the SHA-1 of the certificates won't need to change.
Note: The new "upload key" that you will be prompted to generate optionally is the key that the App Bundle will be signed with, but your end users will never see any APK signed with that key. It's recommended to use an upload key different than your app signing key so that you can put your app signing key in a safe (having it leaked could have very bad consequences), while the upload key can easily be reset with Google if you lose/leak it.
Hope that helps!