I have a Web Application, which is hosted under a domain (say www.xx.com) and I have activated Google Map Account (say, MyAccount) for that Application as well. The Google Map Key under MyAccount; I have enabled for JavaScript Map API and Geocoding API only. There is another option in that Application, which uses Places API, which I haven't enabled due to the heavy costing for that what google have. But, one of my client want to use the Places API option and they have suggested me that to use Client Google Map Account (say, ClientAccount) for that particular Option; where I'll use their Map Key (under ClientAccount) while they sign-in into the Application. So, the following questions became relevant;
-Is it possible to use Dynamic Map Key under one Project?
Is there any violation of Terms? if yes,
- What is the alternative I can suggest to the client to achieve this requirement?
NB: I cannot make another instance of the application to host for the client as my services are under SaaS model.
Thanks,
Shenulal
Yes this should be possible, just send the customer's key with your Places API requests, and make sure they whitelist your domain in their key restrictions.
Related
my question: Is there any Google API / SDK I can use to be able to dynamically add "HTTP referrers (web sites)" (assign domains) to maps API key ?
Background
I'm building a web-application portal that will allow anyone to create a business website and assign a custom domain to it.
On that generated website customer will have google maps map pointing to address of their business.
Customer has an option to add custom domain to their business website created by my web-application (by CNAME to the my web-application)
Desired feature is that once the domain background job will get triggered that will add that domain/host to list of restricted domains/hosts for my Google Maps Api key so that their domain will be able to read google maps on their domanin
note: I Have cron job DNS lookup validation check implemented to ensure that domain is really assigned to the domain
live example
here is website generated by customer on my web-application http://sbs-sos.sajtka.sk/ he assigned a domain and pointed CNAME http://sbs-sos.sk/
Reason why the google map works is because I manually white-listed their domain. I need to automate this
please aware portal is not fully launched so many bugs are happening
The feature request to manage API keys restrictions via SDK was submitted in Google issue tracker in 2016:
https://issuetracker.google.com/issues/35829646
Currently, there are no any official SDK for that. However, the last update from Google says that they released experimental API to programmatically manage your API Keys and their restrictions.
The best way to handle thousands of authorized domains is to use an API to programmatically manage your API Keys and their restrictions, and we have recently launched a new service that allows you to do this.
This API is still in Alpha. If you are interested in becoming a Trusted Tester for this service, you can use the following form to sign up, please read the instructions carefully:
https://forms.gle/qx2SMcarWCAsbWVp7
Please note that this API is not part of the Google Maps Platform. After you fill out the form, you will be contacted by the API Keys API team with instructions on how to get started, and how to receive support.
API Keys API is currently free of charge. However, please note that use of Cloud Endpoints may be subject to charges at high traffic volume. You can check the pricing sheet here:
https://cloud.google.com/endpoints/pricing-and-quotas
I would suggest joining Trusted Tester program and try out this API.
I hope this helps!
I am implementing Google Maps in my web application. Since Version 3 I don't need an API key for accessing their servers.
Google is limiting the requests, though.
How are they doing that? If external users are accessing my website, one map load is generated.
Do I have now about 25,000 map loads per IP address or how to they
recognize my application?
They probably use the location/domain of the current document(this detail will be sended to the Authentication-service).
But as long as it's not documented this may only be an assumption, you'll have to ask google how they do it.
So, I have bought a key from google for translation; I'm using it and it works as expected. Now there 's another requirement from client to use google maps in his application. Should I have to buy another key for the google map application, or is there anything like a master api key which'll work for all google applications?
Different APIs have different requirements for monitoring and managing usage. Depending on your use case you may or may not have to pay for using Google Maps. And no, there is no master API key that gives you access to all Google APIs.
I saw that one has not to obtain a Google Maps API key if you want to use their maps api in general, only if you want to use their web services and statistics etc.
Now I have two questions regarding this:
If I have a public website which uses the Google Maps API to display a map with default options. How does Google count the API calls if I don't use an API key? (Maybe with the help of the domain which requests the map?)
If they do so and my site exceeds the 25k calls/day, is there a possiblity that my users can login with their Google account on my site and some backend logic will get them an API key from Google that I store e.g. in a database. So I could use the API keys of my users to bypass the API usage limits only for my site.
Assuming you are using the Javascript API v3:
This SO question partially answers your queries.
Have a look at the usage limits, it looks like that you cannot use more than one API key:
Can I use more than one API key to increase my available usage over
the documented limits?
Google reserves the right to withhold access to the Maps API from any site that attempts to use more than the permitted number of map
loads of the Maps API without permission, and fails to respond when
contacted by Google.
Though this may be debatable, to me it seems a bad idea using your user's API key. For sure you need to ask the permission, then you have to monitor their quotas and so on, a minefield...
TL;DR if you exceed constantly the daily quota you should purchase a larger quota.
I have a server which acts as a mesh.
I have 3 mobile apps, each having it's own google maps api Key
all three apps call my server which calls the google apis with the specific app key.
so App1 has key1
App2 has Key 2
App3 has key 3
when I need the directions for App1, my server calls google api with key 1
when I need the directions for App2, my server calls google api with key 2
when I need the directions for App3, my server calls google api with key 3
So my server works like an API mesh. Is this against google terms? I am afraid they will look at the ip address of the server, see there are 3 keys used and assume I am using different Keys for same applications which is prohibited.
The short answer (drawn from the FAQ) is quite simply : no, you can't use two keys in this case.
See https://developers.google.com/maps/faq#usage_avoidance
- they even reserve "the right to withhold access to the maps API from any site" doing so, just as you feared.
Using more than one key, even though it could only be a matter of convenience for you, means for them trying to cheat and bypass the limitation of 25,000 requests per day and per service. And they don't like that, because they want big users of their maps API to pay, of course. Prices are listed on the same page.
You should read the FAQ paragraphs "Understanding the Terms of Service" and "Usage limits" completely - it is quite short but sometimes a little tricky. You'll see that there are a few situations in which you do not actually have to pay even when exceeding limitations :
you are using the google earth API
you are using a native maps API from a mobile platform
you are showing a google map through an embed only
your apps are "in the public interest (as determined by Google at its discretion)"
Also, you do not always need to provide an API key, though these products may still be available for limited use only : take for instance the geocoding API.
I guess you're not in one of those cases (at least bullets 2 and 3) since your calls transit through your server. Using the native APIs in mobile apps would solve the problem, but it does mean quite some development I guess.
It is also worth noting that you should apply for a special maps API for business license for some use cases, e.g. when only paying users get to see your map.
In conclusion, you need to have one single google maps API key when it comes to using their products that require one. Or rather, at most one per domain name.