Aurora Store: Use the Play Store Anonymously on Android
A practical guide to Aurora Store, the open-source Play Store client for Android that lets you download apps anonymously using shared token pools, without linking installs to your Google account.
Nora Andersen 1 juin 2026If you want to reduce your Google footprint on Android without giving up access to Play Store apps entirely, Aurora Store is one of the most practical tools available. It is a free, open-source Play Store client that talks directly to Google delivery servers, fetching app metadata and APKs on your behalf, but without requiring you to hand over your Google account credentials in the normal sense.
Aurora Store is maintained by the Aurora OSS project and its source code is publicly audited on GitLab. It works on stock Android, on custom ROMs such as GrapheneOS and LineageOS, and on devices where Google Play Services are absent or intentionally removed.
How Aurora Store Works
Aurora Store does not scrape the Play Store website. Instead it uses the same internal protocol that the official Play Store app uses to communicate with Google backend servers, a private API that has been partially documented through reverse engineering by the open-source community.
To authenticate with that API, Aurora Store needs a valid Google OAuth token. It obtains one in one of two ways:
- Anonymous tokens - the Aurora OSS project runs a token dispenser service. Users who opt in donate a token from their own Google account to the shared pool. Aurora Store picks a token from this pool when you use anonymous mode. Your device never authenticates directly.
- Your own Google account - you enter credentials directly in Aurora Store. The session is stored locally and is used only to authenticate with Google API, not shared with anyone.
Anonymous mode is the privacy-preserving default. It is sufficient for the vast majority of free apps. It has one hard limit: paid apps require a token tied to the purchasing account, so purchases and DRM-locked content will not download in anonymous mode.
What Aurora Store Does Not Do
Two misconceptions come up constantly and are worth addressing directly.
Aurora Store does not circumvent in-app licences or DRM. If an app uses Play Licensing (LVL) or Google Play DRM to verify a purchase at runtime, Aurora Store cannot bypass that check. The app will launch, see that the validating account does not hold a licence, and refuse to work. Aurora Store simply fetches APKs - it has no power over what the app does after installation.
Aurora Store is also not a way to get paid apps for free. It fetches what Google servers authorise it to fetch. Nothing more.
Installing Aurora Store
There are two trustworthy installation paths.
Via F-Droid (recommended): F-Droid is the curated FOSS app repository for Android. Aurora Store is listed there and is updated regularly. If you have F-Droid installed already, search for “Aurora Store” and install it directly. This is the lowest-friction option and keeps Aurora Store updated automatically. See F-Droid vs Play Store: which one should you use in 2026? for a full comparison of both stores.
Via direct APK download: The official source is the Aurora OSS GitLab releases page at https://gitlab.com/AuroraOSS/AuroraStore/-/releases. Download the latest release APK, verify the SHA-256 checksum listed on the release page, then sideload it. Before sideloading you need to allow installation from unknown sources for whichever file manager or browser you use.
Do not download Aurora Store from random APK mirror sites. The only authoritative binaries are from F-Droid and the official GitLab releases page.
First-Time Setup
Once installed, Aurora Store walks you through a short onboarding flow.
- Choose your session type. Select Anonymous to use the shared token pool. Select Google to log in with your own account. For maximum privacy, start with anonymous.
- Select a token dispenser. The default dispenser is run by the Aurora OSS project. There are community-run alternatives. If the default is rate-limited, switching dispensers in Settings resolves most download failures.
- Set your spoofed device profile (optional). Aurora Store can present itself as a specific Android device when querying Google servers. This is useful if you want to install apps that are region-locked or restricted to certain hardware. Navigate to Settings > Spoofing to configure this. Use it carefully: if the spoofed profile does not match your actual CPU architecture (arm64-v8a vs x86_64), downloaded APKs may be incompatible with your device.
- Configure update behaviour. Aurora Store can auto-update apps it manages. This is convenient but means it needs background network access. Decide whether you want fully manual or automatic update checks.
Feature Comparison: Aurora Store vs Google Play
| Feature | Aurora Store (anonymous) | Aurora Store (own account) | Google Play |
|---|---|---|---|
| Google account required | No | Yes | Yes |
| Installs free apps | Yes | Yes | Yes |
| Installs paid apps | No | Yes | Yes |
| Play Protect scanning | No | No | Yes |
| Signature verification | Manual (settings) | Manual (settings) | Automatic |
| Works without Play Services | Yes | Yes | No |
| Auto-updates | Yes (configurable) | Yes (configurable) | Yes |
| App availability | Most free apps | Full catalogue | Full catalogue |
| Open source | Yes (GPLv3) | Yes (GPLv3) | No |
| Spoofing / region bypass | Yes | Yes | No |
Privacy and Security Trade-offs
Anonymous mode meaningfully reduces the data tied to your identity. Google servers see a request from a shared token, not from your personal account. Metadata about which apps you browse and install does not flow back into your Google profile in the way it does when you use the official Play Store.
That said, three caveats apply.
First, your IP address is still visible to Google servers unless you route Aurora Store traffic through a VPN or Tor. On GrapheneOS specifically, per-app network permissions let you isolate Aurora Store to a dedicated VPN profile so no other device traffic is affected.
Second, the apps you install may themselves contain Google SDKs (Firebase Analytics, Crashlytics, Google Ads) that phone home regardless of how you downloaded the APK. Aurora Store has no control over app internals. The Android privacy hardening checklist covers runtime permission management and network-level blocking to mitigate this.
Third, anonymous tokens are donated voluntarily by Aurora Store users. You are trusting that the token dispenser service is operated honestly. The Aurora OSS project is transparent about this model and the dispenser source is published, but it is worth understanding the trust chain before relying on it in high-threat environments.
Common Problems and How to Fix Them
Token is expired or downloads fail silently. Go to Settings > Networks > Token Dispenser and switch to an alternative dispenser URL, or force-refresh the token. If that does not help, log in with a throwaway Google account instead of using anonymous mode.
App shows as installed but will not open (licence check failure). The app uses Play Licensing. You need to own it on a Google account and log into Aurora Store with that account to pass the runtime check.
App installs correctly but crashes immediately. Check that the APK architecture matches your device. In Aurora Store, go to Settings > Advanced > Filter APKs and ensure Prefer Native Architecture is enabled.
Updates not appearing. Aurora Store tracks only apps it installed or that you manually add to its library. Apps installed via the official Play Store are not automatically managed by Aurora Store. You can import the list of installed apps from within the Aurora Store library view.
Aurora Store fails to update on GrapheneOS. On GrapheneOS, install Aurora Store through the built-in package installer and manage updates manually, or use F-Droid if you prefer automated update checks. The F-Droid privileged extension that enables silent background updates on other Android devices is not available on GrapheneOS by default.
When to Use Your Real Google Account in Aurora Store
Anonymous mode is the right default for most users. There are legitimate scenarios where logging in with your own account makes sense.
If you have a library of paid apps and need to install them on a device without Play Services, logging in with your own account inside Aurora Store is the correct approach. Your account credentials stay on your device and are not relayed through any third-party service. Aurora Store communicates with Google official API endpoints directly.
If you run a work or secondary device where apps validate the signed-in account at runtime, anonymous mode will not meet that requirement.
For the highest-privacy setup on a personal daily driver, anonymous mode plus a VPN, combined with F-Droid for purely FOSS apps, covers the majority of use cases without any Google account exposure at all.
Aurora Store on Custom ROMs
Aurora Store runs correctly on GrapheneOS and LineageOS without any special configuration. On GrapheneOS, network permissions can be scoped per-app, which pairs well with Aurora Store since you can restrict it to a VPN-only profile. On LineageOS, the process is identical to stock Android because LineageOS ships with standard AOSP package installer permissions.
On ROMs that include microG (a free-software re-implementation of Google Play Services), Aurora Store operates alongside microG without conflict. microG handles push notifications and some runtime APIs while Aurora Store handles app delivery.
On fully de-Googled setups with no Play Services and no microG, Aurora Store still works for downloading and updating APKs. Runtime features that depend on Play Services - maps, push notifications, in-app billing - will not function, as is the case on any Play Services-free device. Aurora Store itself has no dependency on Play Services.
Aurora Store is not a complete replacement for the Play Store in every scenario, but for the goal of downloading and updating free Android apps without a persistent Google account link, it is the most mature and transparent option currently available.
FAQ
- Is Aurora Store legal to use?
- Yes. Aurora Store communicates with Google public-facing delivery infrastructure using standard API calls, which is the same mechanism the official Play Store app uses. It does not crack DRM, bypass licences, or distribute paid apps without authorisation. Using it to download free apps in anonymous mode raises no legal concerns under normal circumstances, though you should always review the terms of individual apps you install.
- Can I install paid apps with Aurora Store?
- Only if you log in with the Google account that owns the purchase. In anonymous mode, Aurora Store uses a shared token pool that has no purchase history, so Google servers will not authorise paid APK downloads. Apps that also enforce DRM at runtime through Play Licensing will still refuse to run even if the APK itself downloads, because the licence check happens inside the app after installation.
- Does Aurora Store work on GrapheneOS?
- Yes, Aurora Store installs and runs on GrapheneOS without any special setup. GrapheneOS per-app network permissions let you restrict Aurora Store to a VPN-only profile, which is a useful hardening step. For updates, install Aurora Store through GrapheneOS built-in package installer and handle updates manually, or use F-Droid. The F-Droid privileged extension for silent background updates is not available on GrapheneOS by default.
- What happens when the token dispenser is down or rate-limited?
- Go to Settings > Networks > Token Dispenser in Aurora Store and switch to one of the community-maintained alternative dispenser URLs listed in the Aurora OSS documentation. If all dispensers are temporarily unavailable, logging into Aurora Store with a secondary throwaway Google account is a reliable fallback that avoids any dependency on the shared pool.