Why does the Google Geocoding API work without key? - google-maps

I'm reading the documentation for the Google Geocoding API, and I noticed that it says that a key is required in a geocoding request, but when I do "https://maps.googleapis.com/maps/api/geocode/json?address=LosAngeles,usa" it gives me the expected result.
Why is this? Is the documentation wrong? Will it start asking for the key after a certain amount of requests? Or is there something I'm not understanding?

Providing a key is not required for most geocoding API requests. When you do not provide a key, Google will use an IP-based quota to determine when you reach the 2,500-queries daily limit.
Some parameters require a key and will not allow IP-based quota. These are explicitly marked in the documentation with:
Note: This parameter is available only for requests that include an API key or a client ID.
Currently, this is only for two parameters in reverse geocoding: result_type and location_type.

source
Beginning on June 11, 2018, you’ll need to enable billing with a
credit card and have a valid API key for all projects. This will give
you the ability to scale easily with less downtime and fewer
performance issues. In addition, we’re simplifying our 18 individual
APIs into three products: Maps, Routes, and Places.
Also, in June 2016 we announced that we would stop supporting keyless
usage, meaning any request that doesn’t include an API key or Client
ID. This will go into effect on June 11th, and keyless access will no
longer be supported. At that time, keyless calls to the Maps
JavaScript API and Street View API will return low-resolution maps
watermarked with “for development purposes only.” Keyless calls to any
of the following APIs will return an error: Maps Static API (including
Static Street View), Directions API, Distance Matrix API, Geocoding
API, Geolocation API, Places API, Roads API, and Time Zone API.
To avoid a service interruption to your projects, please visit our Get
Started page to enable a billing account and generate an API key. Once
you generate and secure an API key, make sure to update your
application with the new API key.

Related

How do I check if my domain is grandfathered?

I have thoroughly read through the updated google API Terms and Conditions:
https://developers.google.com/maps/pricing-and-plans/standard-plan-2016-update
Specifically, this excerpt:
Active domains created before June 22, 2016, continue to be able to access the Google Maps JavaScript API, Static Maps API, and Street View Image API without an API key. They are not affected by keyless access being unavailable for new domains.
My question is, how do I figure out if my domain is grandfathered and can continue to call the static maps API without the API_KEY parameter?
You can test if your domain was whitelisted by trying to load a map without an API key. If you manage to get the static map image it means you were whitelisted.
The whitelist has 25000 queries per day limit which is equivalent to the free quota limit when you are using a key.
To be able to monitor your usage and, if needed, get more quota it would be best for you to start using an API key. You can then check quota and monitor your usage in the Google Developer Console

Google Maps Static API is asking for API Key

When using the google maps static API service, all my requests are showing up as a 403 Forbidden. When taking a look at my request, I notice this error message: "The Google Maps API server rejected your request. This service requires an API key."
The code that is calling the service is below:
<img src="http://maps.googleapis.com/maps/api/staticmap?center=Albany,+NY&zoom=13&scale=false&size=600x300&maptype=roadmap&format=png&visual_refresh=true" alt="Google Map of Albany, NY">
I've used the static map service before and it worked fine and easily. But for some reason, all my requests show up as a 403 now? I've never had to use an API key in the past. If I do use an API key with this call, it works.
What is going on here?
The Google Static Maps API now requires a key (as of June 22, 2016), existing applications should be "grandfathered" with keyless access. See this blog post for more information (relevant text below):
As of June 22, 2016 we are making the following changes to the Google Maps APIs Standard Plan:
We no longer support keyless access (any request that doesn't include an API key). Future product updates are only available for requests made with an API key. API keys allow us to contact developers when required and help us identify misbehaving implementations.
We have implemented a simple 25,000 map loads per day free limit to new Google Maps JavaScript API, Static Maps API, and Street View Image API implementations. The confusing 90-consecutive-day grace period for these APIs is being retired on October 12, 2016. With this change, developers can predictably plan for growth while media sites and US nonprofits can request more quota at no charge via our dedicated support programs.
We have reduced the daily map load maximum limit you can purchase for Google Maps JavaScript API, Static Maps API, and Street View Image API from 1,000,000 to 100,000 requests per API.* We believe higher-volume developers are best served with a Premium Plan license, which includes technical support and a Service Level Agreement, and with this change we've also created consistency between Standard Plan quotas across our maps and web service APIs.
We now count Google Maps JavaScript API client-side requests towards the daily limit of the associated web service API.*
The new policies will apply immediately to all Maps API implementations created on or after June 22nd, 2016.
Existing applications have been grandfathered based on their current usage to ensure that they continue to function both now and in the future. We will also be proactively contacting all existing API key users who, based on usage growth patterns, may be impacted in the future. If you’re an existing user, please take the time to read our Policy Update for Standard Plan summary for details on how each of these changes might affect your implementation.

Using a business API key for reverse geocoding with Google

I'm working on a project that uses Google Maps APIs to reverse geocoding locations.
The customer is supposed to buy a licensed API key when rolling out to production.
Now I'm developing the application and I also need to test its functionality when using a valid, whether free or business, API key.
Let's pick a sample reverse geolocation request
https://maps.googleapis.com/maps/api/geocode/json?latlng=40.714224,-73.961452&sensor=true
I have registered a developer account into https://code.google.com/apis/console/ and generated a server API key. Then I enabled Google Geolocation APIs and Google Maps API v3 (I think I need only the second).
When adding &key=XXX parameter to my previous request I get an error that the key is not valid.
Reading documentation with more attention, I discovered that the geolocation service I'm using is actually part of Maps Web Service APIs (Maps V3 APIs run on browser as Javascript). I tried to find those APIs into the Services list of my console but couldn't find anything more.
How do I use Google's reverse geocoding API with a business key for a project that will handle thousands of daily requests?
with no api key, the Google Geocoding API has the following limits in place: 2,500 requests per day.
Google Maps API for Business customers have higher limits: 100,000 requests per day.
to use to API for Business you have to use URL signing, see https://developers.google.com/maps/documentation/business/webservices/auth
NB: If you're switching from the free API services to a Maps API for Business implementation, you must remove the key parameter from your requests. Google Maps API web services will deny requests made with both a client ID and a key.

Where to place API key for Google Geocoding API?

We use Google Geocoding API to map address to Latitude and Longitude.
Here is the sample URL for encoding (which returns json) -
http://maps.googleapis.com/maps/api/geocode/json?address=Dallas&sensor=false
Message: OVER_QUERY_LIMIT
Ok, it makes sense, because we exceed over 2500 daily limit so we place API key like this -
http://maps.googleapis.com/maps/api/geocode/json?key=xxxxx&address=Dallas&sensor=false
Message: REQUEST_DENIED
I'm wondering where/how to place the API Key.
Looks like in version 3 you need to pass the ClientID in the URL and not a key as you do in the free version: https://developers.google.com/maps/articles/v2tov3#newkey
So your URL should look like: http://maps.googleapis.com/maps/api/geocode/json?client=xxxxx&address=Dallas&sensor=false
Not lucky enough to have a paid account so I cannot test - but I think that will get you on the correct path.
Relevant from this link: https://developers.google.com/maps/documentation/business/webservices/
Client ID
You must include your client ID in all API requests. Your client ID
identifies you as a Maps API for Business customer and enables support
and purchased quota for your application. Requests made without a
client ID are not eligible for Maps API for Business benefits.
If you're switching from the free API services to a Maps API for
Business implementation, you must remove the key parameter from your
requests. Google Maps API web services will deny requests made with
both a client ID and a key.
More information is available in the Authentication and Authorization
chapter of this guide.
If you have lost your client ID, you can recover it by logging in to
the support portal and clicking Maps: Add URLs from the links on the
left of the page.
EDIT
For more information, including instructions on passing your client ID to the Earth API, v2 API, and the Maps API for Flash, please read Loading Client-side APIs.
If you have lost your client ID or cryptographic key, you can recover them by logging in to the support portal and clicking Maps: Add URLs from the links on the left of the page.

Google Maps API Key - Get one for everyone of my users programmatically?

I saw that one has not to obtain a Google Maps API key if you want to use their maps api in general, only if you want to use their web services and statistics etc.
Now I have two questions regarding this:
If I have a public website which uses the Google Maps API to display a map with default options. How does Google count the API calls if I don't use an API key? (Maybe with the help of the domain which requests the map?)
If they do so and my site exceeds the 25k calls/day, is there a possiblity that my users can login with their Google account on my site and some backend logic will get them an API key from Google that I store e.g. in a database. So I could use the API keys of my users to bypass the API usage limits only for my site.
Assuming you are using the Javascript API v3:
This SO question partially answers your queries.
Have a look at the usage limits, it looks like that you cannot use more than one API key:
Can I use more than one API key to increase my available usage over
the documented limits?
Google reserves the right to withhold access to the Maps API from any site that attempts to use more than the permitted number of map
loads of the Maps API without permission, and fails to respond when
contacted by Google.
Though this may be debatable, to me it seems a bad idea using your user's API key. For sure you need to ask the permission, then you have to monitor their quotas and so on, a minefield...
TL;DR if you exceed constantly the daily quota you should purchase a larger quota.