A friend of mine has a Google Maps Engine account where he loads up map data which he want's to share with users. These maps are private (ie you need to log in to view them). I've made a system using PHP where people can login to my friends website and I want them to be able to view these maps embedded in his website.
In the Google Maps Engine (GME) interface each map has an 'API ID' and 'Layer names/keys'.
I also have a an API Project with an API Key, client ID, secret etc. Using my API Project I've been able to get an Access token and a Refresh token for my email address which is in the "viewable by" section of the GME interface.
My goal is that I can log onto my friend's website then, using server side PHP, use the refresh token which is now stored in a database, get an access token and echo the content part of his page with the map inside it.
This is what I want to do https://developers.google.com/maps/documentation/javascript/examples/mapsenginelayer-noauth-layerkey
But with Authentication.
I figured it out, in case anyone else has the same question you just need to add
accessToken: 'the_access_token',
In the list of Maps Engine Layer options. I fount the answer here: https://developers.google.com/maps/documentation/javascript/3.exp/reference#MapsEngineLayerOptions
Related
my question: Is there any Google API / SDK I can use to be able to dynamically add "HTTP referrers (web sites)" (assign domains) to maps API key ?
Background
I'm building a web-application portal that will allow anyone to create a business website and assign a custom domain to it.
On that generated website customer will have google maps map pointing to address of their business.
Customer has an option to add custom domain to their business website created by my web-application (by CNAME to the my web-application)
Desired feature is that once the domain background job will get triggered that will add that domain/host to list of restricted domains/hosts for my Google Maps Api key so that their domain will be able to read google maps on their domanin
note: I Have cron job DNS lookup validation check implemented to ensure that domain is really assigned to the domain
live example
here is website generated by customer on my web-application http://sbs-sos.sajtka.sk/ he assigned a domain and pointed CNAME http://sbs-sos.sk/
Reason why the google map works is because I manually white-listed their domain. I need to automate this
please aware portal is not fully launched so many bugs are happening
The feature request to manage API keys restrictions via SDK was submitted in Google issue tracker in 2016:
https://issuetracker.google.com/issues/35829646
Currently, there are no any official SDK for that. However, the last update from Google says that they released experimental API to programmatically manage your API Keys and their restrictions.
The best way to handle thousands of authorized domains is to use an API to programmatically manage your API Keys and their restrictions, and we have recently launched a new service that allows you to do this.
This API is still in Alpha. If you are interested in becoming a Trusted Tester for this service, you can use the following form to sign up, please read the instructions carefully:
https://forms.gle/qx2SMcarWCAsbWVp7
Please note that this API is not part of the Google Maps Platform. After you fill out the form, you will be contacted by the API Keys API team with instructions on how to get started, and how to receive support.
API Keys API is currently free of charge. However, please note that use of Cloud Endpoints may be subject to charges at high traffic volume. You can check the pricing sheet here:
https://cloud.google.com/endpoints/pricing-and-quotas
I would suggest joining Trusted Tester program and try out this API.
I hope this helps!
I have searched for information on data and data security when using the Google Maps API, but I haven't been able to find anything that answers my specific question. We were looking to use Google Maps to to plot our customers and overlay some other information on top. I have all the customer details (name, address, postcode, Lat, Lon and other key details) in a file and have been using some test data. I have successfully been able to plot the test data on Google Maps and it looks like it is exactly what I would want to use.
The question I have is what data is sent to Google for the map to be rendered - does all of my data go external, or am I just pulling the maps back to the browser and rendering the data locally within the browser (ie. no data goes externally).
Thanks
Your additional data are never sent to Google servers. All the map is built in JS, so once you have loaded Gmap scripts, there is no need to sent data.
You can check that in your browser developer console : no additional AJAX request are made to Google, once the first one for displaying map is finished.
If you use geocoder or directions service (and maybe other services, but I have never use them), you have to send addresses or LatLng to Google via AJAX in order to make calculation.
I am setting up a website that shows a Google map and the location of various Google Latitude users on that map via markers.
Thing is, I can't find the exact code to do that. I have trawled through the Google API docs which are extensive but lacking in examples, actual examples of how a finished page might look.
So, I have my Google Map in place and I have registered an account on the Google API and set up OAUTH2 (got my clientID etc.) but I am stuck as to what to do next.
Any suggestions much appreciated.
The Latitude API documentation will tell you all the specific things it can do. It won't do general things for you like "put markers on a Google map"- it is meant to be used rather separately from Maps API. Your application will have to get Latitude oauth authorization for each of the users and use access tokens to request their locations. Only then will you start using Maps API to plot markers of those locations.
It sounds like you have no prior knowledge of any particular framework, so I'll outline how I would do it with Rails, which I believe to be easiest:
Build Omniauth into a new application, so that the user can sign in with Google. There are tutorials to assist you. The sign-in will result in an access token being stored in your database.
Add the latitude 'scope' to your omniauth implementation. The scope can be found in the latitude documentation, and the syntax to add it is found in the omniauth documentation.
For security reasons peculiar to latitude, you'll have to store the 'refresh token' that's supplied only on the first google sign-in for each user and exchange it hourly for a new access token as explained in the google oauth documentation.
Once you have a valid access token for each user at all times, you can use a library such as HTTParty to complete the GET described in the latitude documentation and retrieve a location.
Build a Google Map into a rails view as described in the Maps API documentation. In the controller action that processes that view, you can pass in the user locations for use as markers.
Good luck.
I saw that one has not to obtain a Google Maps API key if you want to use their maps api in general, only if you want to use their web services and statistics etc.
Now I have two questions regarding this:
If I have a public website which uses the Google Maps API to display a map with default options. How does Google count the API calls if I don't use an API key? (Maybe with the help of the domain which requests the map?)
If they do so and my site exceeds the 25k calls/day, is there a possiblity that my users can login with their Google account on my site and some backend logic will get them an API key from Google that I store e.g. in a database. So I could use the API keys of my users to bypass the API usage limits only for my site.
Assuming you are using the Javascript API v3:
This SO question partially answers your queries.
Have a look at the usage limits, it looks like that you cannot use more than one API key:
Can I use more than one API key to increase my available usage over
the documented limits?
Google reserves the right to withhold access to the Maps API from any site that attempts to use more than the permitted number of map
loads of the Maps API without permission, and fails to respond when
contacted by Google.
Though this may be debatable, to me it seems a bad idea using your user's API key. For sure you need to ask the permission, then you have to monitor their quotas and so on, a minefield...
TL;DR if you exceed constantly the daily quota you should purchase a larger quota.
I am attempting to add a Google maps to a website and allow users to insert their postcode to get directions to my client.
Currently I can't manage to make the map visible, the website although under development IS hosted and I have my own unique api key.
Is there more verification necessary? I read something about meta tags but was unsure how to get a code.
Unless your expecting or are getting more than 25000 hits a day, you don't need an API key for the current version of google maps, so requesting it with http://maps.google.com/maps/api/js?sensor=true should work then use a library like this should get it to work http://code.google.com/p/jquery-ui-map/wiki/jquery_ui_map_v_3_tutorial
Follow that tutorial and you'll have it running in no time.