1

First of all: Everythig is working at the moment. I just want your opinion for improvements.

I am currentyl developing an Android Application, that needs access to different Google APIs. So I created a API key and made a App restioction. I used that API Key inthe google_maps_api.xml to authentificate my App for the Google Maps API.

I then needed the Google Directions API. As far as I know the only way to acces it, is via HTTP request. The HTTP request needs the API key in it. Now the problem is, that my API key is App restricted. That means, it will not work with the HTTP request. I created a second API Key and removed the restriction to solve that problem at the moment. But that is not a good solution in my opinion.

I also found this SO Question from 2016, which has no answer but is facing the same problem.

GAlexMES
  • 343
  • 2
  • 19

1 Answers1

2

API key are not restricted to a specific API. A single API Key can be used to access all available Google APIs. This is why you see all these restricted options when you create a new key. Not all API support the Android and IOS restriction. For example, Google Maps has a library available for Android and IOS. That means you can create a key and restrict it to Android and specify the key in your Android library and do the same with IOS by creating another key and restricting it for IOS only.

However, APIs like Google Maps Distance Matrix and Google Maps Directions do not support Android and IOS restriction. This is basically because these two APIs work with HTTP requests. So in order to add a restriction you will have to create your own server, using PHP or Java, and store the API key on your server. Your client will then send a request to your server to fetch Google API. Since the key is restricted to your server ip only, no one except your server will be able to use the Google API.

This is very important to restrict a key because someone could use your key to access all your activated APIs in your project.

For more information on what API support what restriction visit this page: https://developers.google.com/maps/faq#restriction

DustyMan
  • 366
  • 3
  • 9
  • Yeah, that is basicly, what I thought too. I just hope, that there is some kind of workaround. Because I don't want to setup a server at the moment. But thanks! – GAlexMES Mar 13 '17 at 19:37
  • Unfortunately there is no work around. But making a server is really easy if you use Google App Engine. You can get started with a single PHP file and a couple of lines only. – DustyMan Mar 13 '17 at 19:40
  • I don't use Google App Engine at the moment. Is it worth to use it? – GAlexMES Mar 13 '17 at 19:41
  • Google App Engine is amazing. It's basically a PHP/JAVA/PYTHON server with built in google library. If you need help getting started you can always ask for me on Android/Dev discord: https://discord.gg/wrFetJX – DustyMan Mar 13 '17 at 19:43
  • Thanks! I will definitly have a look in the next days! – GAlexMES Mar 13 '17 at 19:44