From the Firebase help center it seems that the SHA-1 fingerprint is not a mandatory requirement for general use but might be necessary for the use of Dynamic Links, and Auth. However it was required for linking Firebase with Google Play previously.