I created a small project. I am using google geocoding API to get the latitude and longitude.
https://developers.google.com/maps/documentation/geocoding
Sample Request:
https://maps.googleapis.com/maps/api/geocode/json?address=1600+Amphitheatre+Parkway,+Mountain+View,+CA&sensor=true
Now I going to production. I am not using the commercial account. Do i need to add the KEY to my Request or not
Can some one tell whether to use the KEY or NOT
It's not required to use the key, but you should(the explanation may be found in the documentation)
Especially the key-based quota is important. When the domain you are using shares the IP with other domains you will share the quota for geocoding with all the other domains when you don't use a key. Of course this wouldn't be acceptable in production(at least for me)
#andrew
API Keys used for security and Google limits the free quota usage at some level.in production when your traffic gets increase you will need a billing account and billing account only works with API KEYs.
Google Maps Platform products are secured from unauthorized use by restricting API calls to those that provide proper authentication credentials. These credentials are in the form of an API key - a unique alphanumeric string that associates your Google billing account with your project, and with the specific API or SDK.
Related
I Possible trace how many requests an API key made on my gateway URL?
Because I need to create a report of the API usage.
Thanks
I see you are using google clouds endpoints, in that case it is easier just to go with the google products:
https://cloud.google.com/monitoring/custom-metrics/reading-metrics
Google cloud already provides all the metrics that you need.
Additionally to #Kram's response, if you need to monitor API usage per client (or not only per API key) you will need to create specific one GCP project per API client to able to track it
I've been asked to help with a site using Google's mapping APIs (mainly Maps Javascript) and we can see the API key on the site but we have been unable to trace which Google account this is associated with. I can set up a new account and a new key and then change the site code, but with another site I have worked on Google had applied a very hefty transition credit after the recent billing changes, plus having the original account access will allow me to see historic usage stats and work out potential future costs under the new allowances.
I realise it would be a security/privacy breach to just reveal the email, but is there any way anyone knows that you can enter an API key and for example have it send a password reset or similar email to the account email address?
API keys are not associated to google accounts. An API key only identifies the project associated to the call for billing and quota purposes (and of course to allow or deny the resource). You cannot “reset” an API Key but you can create a new one.
I have a former person that setup my Wordpress website and there is an API entered for Google Place. Is this Google Place API attached to a Google account in which the API could potentially be revoked by this person in the future? Or is the API directly issued by Google? I just want to ensure continuity on my Wordpress without a feature breaking in the future.
The API is connected to the former person's Google account. I am unsure if the person can revoke the API key.
To be on the safe side, make your own API KEY
I need to extract Google Analytics data through it's API. However I do not want to generate any account and key manually (the reason is I do not want to let this technical this to be performed by any non-techie person) and want to dump that data for analysis purpose.
In order to use any of Googles APIs they need to know who you are. You as a developer are identified by the project you create on Google Developer console. Once the project is created you can create a number of different types of credentials including Service account credentials and Oauth2 Credentials.
Answer: No there is no way to programmaticlly create service account credentials. Nor is it possible to use the a Google api without first creating a project on Google developer console.
Note: Google Cloud Resource Manager does exist but is very limited in what it allows you to do.
If someone else is going to be running your application to access their Google analytics Data you should idealy be using Oauth2 in your application and not a service account.
Service accounts are designed as way for the developer to grant others access to data owned by the developer in question. They are not really intended for novice users to be creating their own projects on google developer console and generating credentials.
You are basically asking if you can obtain the credentials necessary to query the API via the API. This does not work.
I am also not sure how this would help you. Before you can do any API operations to a Google Analytics account you need to have an authorized user (e.g. a service account) added to your view or property. If you are in a situation where you can add a user programmatically to an account you might as well just read the data you need.
I am looking to make a web based app which creates a monthly report that has Google Analytics information in i.e. organic searches etc. Some clients will have their own Google Analytics accounts and wont be own mine.
I managed to get the OAuth 2 authorization working with my account however it wont work for clients as I needed to get the client_secret.json file from Google Developers website. I have seen a service like cyfe.com which just gets the google login information and outs the Google Analytics information in graphs and such.
Does anyone know how they manage this is possible without getting the client_secret.json file ?
oAuth2 is designed to let you access to users data with their permission, without requiring to access their password.
You should use your own client Id and client secret, these identify your application, not your users ("client" here means client of the API).
You then need to create an interface where users can allow your application to access to their data, from this you'll get an access token, allowing to your application to access to Google Analytics data of your user on their behalf.
Read "Using OAuth 2.0 to Access Google APIs", and identify the scenario that matches to what you want to achieve.
I strongly suggest that you use a library managing the authentication flow, you don't need to reinvent the wheel. Here's a list from Google: Google API Client Libraries.