I am selling stuff online and I would like to geocode my customer delivery addresses before delivery to make the delivery address is correct to avoid wrong delivery. If I use Google Map API, after I query an address, can I save the returned attribute in the own storage (such as building and street names, lat/lon) so that I don't need to re-query every time? Some customers addresses are repeating or written in incorrect format. If I can search it from my own archieve before Google Map API query, it can save the amount of time/queries required?
The Terms of service allow a temporary caching up to 30 days with a purpose of improving the performance of your application. The permanent storage is prohibited.
For further details refer to section 10.5 of Terms of service:
No caching or storage. You will not pre-fetch, cache, index, or store any Content to be used outside the Service, except that you may store limited amounts of Content solely for the purpose of improving the performance of your Maps API Implementation due to network latency (and not for the purpose of preventing Google from accurately tracking usage), and only if such storage:
is temporary (and in no event more than 30 calendar days);
is secure;
does not manipulate or aggregate any part of the Content or Service; and
does not modify attribution in any way.
Related
Imagine the following situation. I have an API and a developer builds an application that retrieves new content from it on a daily base. She stores this content and provides this data to all the instances of an app she developed. In this way these apps do not have to call the API directly.
Is there a way to prevent this and force the apps (and therefore the end users) to use the API and not only the application on the server.
I found many questions about how to cache API data but not how to prevent that. I am fairly new to this, so maybe I am overlooking something or maybe it is not possible to prevent this.
Thank you in advance!
Assuming you are using Apigee for API-management, you have some options. First, consider the options available to you contractually, if this is that sort of business relationship and you can impose certain API behavior with a business partner through a contract.
Separate from the legal side of things, we remember that you control your API and the credentials you issue for use by your API clients. You cannot though control, practically, what a client developer does with the credentials you issue: she could promise to embed the credentials in the mobile apps' API client, but change her mind and use it centrally, and then design her mobile client to call into her central cache. If though you really insist that only mobile app clients should be calling your API and not a hub/cache server, then you could consider applying constraint policies on your API (within the Apigee proxy, such as Access Control). For instance, you could blacklist your partner's hub/cache server IP address, although that is weak security at best. Or, you could apply a constraint that only clients with certain identifying User-Agent strings (mobile OS, client) are allowed to connect to your API. Or use GeoIP filtering to allow only clients from certain regions, if that applies to your use-case.
Finally, depending on the data model, you might be able to rate-limit such that a bulk cache becomes impractical: if your edge-client use-cases is to fetch a single record, but a cache would have to hold thousands of records, then you could impose a per-client rate limit (Quota policy) which is no bother to individual mobile clients, but makes the work of a hub/cache server untenable.
I have thought about monitoring reads for users in Firebase.
Let's say that a user makes a lot of "reads", then I will monitor these "reads" by writing to a counter in a separate document. Once the user has reached 104 reads I will tell the user that they have reached their daily quota. In such a case I also want to disable them from making any further reads (for a day), is this possible in Firebase?
No, that's not currently possible. At least not in any secure way that would prevent the user from manipulating the value.
Your best solution at present would be to use Firestore or RTDB as a non-public database and then create an API behind the API Gateway to handle your rate limiting. Then reads go through your API giving you much more control but of course involves losing realtime updates.
I'm trying to use the Google Analytics Management API to automate the management of a large amount of GA Properties, which is what it's for according to the docs.
However, I'm having trouble with a lot of settings, that it seems like are not available through the API. The expected format of a GA property resource is quite limited in the fields you can set, and it seems to not allow specifying other fields.
Specifically, I am interested in setting the "Advertising features", aka whether to enable the Demographics and Interest Reports:
When updating this setting through the GA UI, the field within the request seems to be called demographicsEnabled, but I cannot set or retrieve this value when using the Management API.
How can I set this and other values through the Management API, or other means? If only a small fraction of the settings for a property can be set through the API, that seems kinda useless for managing large accounts, as the docs claim you can do - so I assume there has to be a way I'm just not seeing here.
How can I set this and other values through the Management API, or other means?
You cant the management api is very limited in what fields you are able to update. Unfortunately unlike a number of other google apis documentation it doesn't actually tell you which fields are writeable. I will mention that to the team.
If only a small fraction of the settings for a property can be set through the API, that seems kinda useless for managing large accounts, as the docs claim you can do - so I assume there has to be a way I'm just not seeing here.
The API was not intended for managing large accounts IMO. It was probably only intended for getting information about what accounts a current user has access to.
What i suggest that you do is create a feature request asking for the ability to update the fields that you are trying to update. The team is normally very open to those types of requests.
Link it here and i will be happy to bring it to the teams attention next time i speak with them.
AFAIK this and many other features are not available in Management API.
I'm working on building my first web/mobile app with Meteor, using Javascript for both the client and server.
Essentially, the app will allow users to rate restaurants based on a variety of factors, such as how loud it is or how nice it smells. The averages of each of these attributes would then be stored in my database along with the Google ID of the associated restaurant. Other users can then search for places near them and sort the results based on any of the rated attributes.
So if a user requests a list of places and a request is made to the Google places library API, and then those places are matched against data in my database, how are the limits applied? Since the server is also running with Javascript, can I call the API with the server? And if I do, is the API able to distinguish between different users and apply the individual limits? Or if it's all coming from a single server will it give me a total limit equivalent to a single user?
Thanks for any help and guidance.
The Google Maps JavaScript Places Library does not have a documented limit. However, if you perform request that have gone over its request quota, you will get OVER_QUERY_LIMIT. So maybe the Javascript API Usage Limits can help you to know more about limits by using this API.
Check also this related SO ticket.
I'm developing a Web Application (based on Google Maps API V3).
Whenever an user clicks on a map, a marker is placed on that point and
an "human readable" address is resolved (by the geocoding service). In
this way I can put in an infowindow, attached to that marker, the
corresponding address.
The question is: Can I resolve just one time that address and store it
on an external DB? Is this practice compliant with your terms of
service?
Regards
The relevant section of the TOS is
10.1.3 Restrictions against Data Export or Copying.
(b) No Pre-Fetching, Caching, or Storage of Content. You must not pre-fetch, cache, or store any Content, except that you may store: (i) limited amounts of Content for the purpose of improving the performance of your Maps API Implementation if you do so temporarily, securely, and in a manner that does not permit use of the Content outside of the Service; and (ii) any content identifier or key that the Maps APIs Documentation specifically permits you to store. For example, you must not use the Content to create an independent database of “places.”
This precludes the use of reverse geocoding.
no, this is forbidden by the terms of use by google.
we would have done it your way in another project, but we had to change because of the terms of use.