Is there any way to get a Google API key for local testing purposes? I intend to use some of the Google APIs mainly for educational purposes (i.e For learning about it..) and I need to generate an API key without supplying a web site URL..Thanks in advance..
P.S: If it helps I'm trying to learn about Google Translate API
As far as I know, you can supply a local host name (e.g. localhost or testserver) when generating the API key.
Q) Is there any way to get a Google API key for local testing purposes?
Ans:- There seems no way to have google maps API key free without credit card.
Related
I'm going to make a project using the Google translate api and I'm thinking of uploading this project to a server and just sharing it with my friends. But unfortunately the Api Key that I will use in the project can be accessed clearly in the JavaScript file. This is a very bad situation. To prevent this, I have limited the Google Cloud Api and as far as I understand it is only allowed to be used on the links I allow. It cannot be used on other links. Now my main question is, is this method enough to protect Api from malicious people? Do I need to do anything else? Thank you in advance for your answers.
Best practice in these cases is to use .env files to keep data like API keys private.
You have to create a server for that which will perform OAuth and then send an API request to google.
You can get help about how to implement OAuth from this topic provided by google: https://developers.google.com/identity/protocols/oauth2/javascript-implicit-flow
If you send/attach your API key in frontend like javascript which is basically a frontend language then it can be used to:
Send fake requests which will use all of the bandwidth etc.
You should also consult the TOS.
On November 5th 2014 Google made some changes to the APIs terms of Service.
Like you I had an issue with the following line.
Asking developers to make reasonable efforts to keep their private
keys private and not embed them in open source projects.
That is however really only an issue if you are releasing the source code of your app as an Open source project for example.
If your just hosting this on a server then what you shoudl do is set up limitations for the api key adding_application_restrictions you can limit it so that the api key can only be used from your server and no where else.
I'm writing an app in JS that fetches Google Calendar events using Google Calendar API. I've already generated an API Key and Client ID - do I have to do something to try and 'secure' them? Their tutorial puts them directly in the JS file (https://developers.google.com/calendar/quickstart/js), but then I dig further into the dev docs (https://cloud.google.com/docs/authentication/api-keys#securing_an_api_key) and it says not to embed the API key into the code...but that could just be for paid API keys?
I'm writing this mini webapp for a class so I only need it to work for like 6 weeks. I'm hosting it via GitHub Pages, and it was the one that alerted me about the API Key when I pushed the code.
Bottom line - is it safe for me to embed the API key into the JS code that gets pushed to github and made publicly available (so I can have just a frontend and use GitHub Pages)? Or do I need to take some kind of preventative measures?
Thanks in advance!
Api key is only used for accessing public data. For example you could use it to access the Google Calendar public holiday calendars. That being said yes you should keep your api key secrete and not share it but google is aware that this is not possible with client side languages like JavaScript so i have never heard of anyone getting in trouble for leaking their api key by having it in a JavaScript application.
This warning is mainly means that you should not put it in a GitHub open source repository that anyone can download and then run. You must instruct people how to create their own.
That being said if you are trying to access private user data then you should be using Oauth2 to authenticate your users and this you can lock down to only your domain due to the need for a redirect uri. As you say you have created a client id i suspect that you have already done that. Apikey in the javascript code isnt strictly needed if you have added the client id for oauth2.
I have different properties in Google Analytics account. One for the main website and other for the android app. I am currently using Google Embed API in Javascript to access the data from the first property. Now I want to access the data from the second property as well. Is there any way to access the data from the other property in the same code.
I'm new to Google Analytics. It would be really helpful if you could also provide any reference material on how to do it.
There is no equivalent to the Embed API for Android, but there are Java client libraries for querying the various Google APIs that should do what you need.
This page lists all the client libraries for various languages and should be useful to you in general:
https://developers.google.com/analytics/devguides/reporting/core/v3/gdataLibraries
Thanks for the help. The solution was fairly simple. All I had to do was to change the ID in the Query to the value of the ID of the account I wanted to use and the request was sent corresponding account.
Which one is the best way (with or without key) to use Google map in mobile app to show location? I am able to show location without key using this http://maps.google.com/maps/api/js?sensor=false .
But people are saying that this is not correct way. Is there any limitation to use Google API without key? What is the purpose of having key for google API?
Please suggest me the best way to do.
Thanks,
The API limits non business users to 2,500 requests per day. If you don't provide a key, the request are limited by your IP-address. If you do provide a key, the quota limits are per-key instead of per-IP-address. You can also use a key to monitor your application's API usage.
The instructions for v.3 of the Google Maps API say that I
should load the Maps API using an API key
Curiously it says I should..., rather than I must..... Anyhow, at the moment, I am not using an API key simply because (as far as I can remember) there was no mention of an API key when I was writing the code that calls this API.
Should I go back and add an API key to the URL that loads the API? It seems to work fine without the key, so I don't have any particular incentive to do this.
You're actually required to not have a key if you're a business user. Here's a quote from Google:
Google Maps API for Business developers must not include a key in their requests. Please refer to Loading the Google Maps JavaScript API for Business-specific instructions.
Normal users, however, will be fine with or without a key, although Google recommends having a key so you can monitor the API usage. Here is a quote verifying this:
The Google Maps JavaScript API V3 does not require a key, but there are benefits to using one.
You only need a key if you want to use the API management console to restrict access, collect usage statistics, etc. So, a key is recommended but not required.
See Obtaining an API key
In Api version 2 a key is required to run gmap out of localhost
in the API v3 a key is not required