Use API Keys with Maps Static API | Google Developers

          
          

          
          

          
          

          Google Maps Platform products are secured from unauthorized use by restricting API calls to those that provide proper authentication credentials. These credentials are in the form of an API key - a unique alphanumeric string that associates your Google billing account with your project, and with the specific API or SDK

This guide shows how to create, restrict, and use your API key for Google Maps Platform

## Before you begin
Before you start using the Maps Static API, you need a project with a billing account and the Maps Static API enabled. To learn more, see Set up in Cloud Console

## Creating API keys
The API key is a unique identifier that authenticates requests associated with your project for usage and billing purposes. You must have at least one API key associated with your project

To create an API key:
 Console
-
Go to the
Google Maps Platform > Credentialspage

Go to the Credentials page
-
On the
Credentialspage, click Create credentials > API key

The
API key createddialog displays your newly created API key

-
Click
Close

The new API key is listed on the
Credentialspage under API keys

(Remember to restrict the API key before using it in production.)
 Cloud SDK
gcloud alpha services api-keys create \ --project "
PROJECT" \ --display-name " DISPLAY_NAME"
Read more about the Google Cloud SDK , Cloud SDK installation , and the following commands:
## Restricting API keys
Google strongly recommends that you restrict your API keys by limiting their usage to those only APIs needed for your application. Restricting API keys adds security to your application by protecting it from unwarranted requests. For more information, see API security best practices

To restrict an API key:
 Console
-
Go to the
Google Maps Platform > Credentialspage

Go to the Credentials page
- Select the API key that you want to set a restriction on. The API key property page appears

- Under
Key restrictions, set the following restrictions:
- Application restrictions:
- To accept requests from the list of web server IP addresses that you supply, select
IP addresses (web servers, cron jobs, etc.)from the list of Application restrictions. Specify one IPv4 or IPv6 address or a subnet using CIDR notation (e.g. 192.168.0.0/22). Since a web service web service request checks and compares the external IP address against the API key restriction, use the server's public IP address

- Click
Restrict key

- Select
Maps Static APIfrom Select APIsdropdown. If the Maps Static API is not listed, you need to enable it. **Save**

 Cloud SDK

List existing keys

gcloud services api-keys list --project="
PROJECT"
Clear existing restrictions on existing key

gcloud alpha services api-keys update "projects/
PROJECT/keys/ KEY_ID" \ --clear-restrictions
Set new restrictions on existing key

gcloud alpha services api-keys update "projects/
PROJECT/keys/ KEY_ID" \ --api_target="static-maps-backend.googleapis.com" --allowed-ips=" IP_ADDRESS"
Read more about the Google Cloud SDK , Cloud SDK installation , and the following commands:
## Adding the API key to your request
You must include an API key with every Maps Static API request. In the following example,
replace
YOUR_API_KEY with your API key

httpsmaps.googleapis.com/maps/api/staticmap?center=40.714%2c%20-73.998&zoom=12&size=400x400&key=YOUR_API_KEY
HTTPS is required for requests that use an API key

## What's next
Maps Static API requests should also use a digital signature.