We were using a GCP API key on multiple platforms (Android, iOS, Web) for Google map, Location search (api/place/autocomplete), static Google Map, etc.
Now I wanted to create a new/separate Key for Android App so I can add appropriate restrictions like package name SHA1 and used APIs.
I've created a new key, Changed it into the App after that map is working fine but Location search API is kept throwing an exception-
This IP, site or mobile application is not authorized to use this API key. Request received from IP address <ip>, with empty referer",
Has anyone faced this issue? Or any clue that how should I debug this?
You cannot make web service requests using an API key that is Android or iOS restricted. Web services are server-side and only work with API keys that are restricted by IP address.
Each of your API keys should be restricted properly based on the API in use.
For web services, use an IP-restricted API key.
For client-side services, use an HTTP referrer-restricted API key.
For Maps and Places SDK for Android or iOS, use an Android/iOS restricted API key.
To learn more on API key restrictions for Google Maps APIs please check out these resources:
https://developers.google.com/maps/faq#keysystem
https://developers.google.com/maps/api-key-best-practices#restrict_apikey
Hope this clarifies your question!
I have the same issue, I'm using Android RN application but this could help to any mobile app (Native or React native), the issues come up with you are hardcoding your API KEY (this case google places API into your source code), in order to avoid it you should remove it and add it as System/environment variable, depend of what OS you using OS MAC or Windows, or you CI/ CD if you are delivery you app through it. I solved with the steps below:
I have to setup my System Environment variables in my local
environment in my case I'm using MacOS, Open terminal and run
export GOOGLE_PLACES_ANDROID_API_KEY=Insert_API_KEY_here
(optional but this is better)or copy it in ~/.bash_profile
Make sure my system/environment variable is there- use in the
terminal "printenv" -this will list those and there should be your
api key
GOOGLE_PLACES_ANDROID_API_KEY
Add android/gradle.properties the following line
# GOOGLE PLACES (we will replace this value DON'T COPY YOUR API KEY HERE)
GOOGLE_PLACES_ANDROID_API_KEY=HiHackerNoMyKey
Add the following lines in app/build.gradle inside defaultConfig
defaultConfig {
buildConfigField("String", "GOOGLE_PLACES_ANDROID_API_KEY", "\"${GOOGLE_PLACES_ANDROID_API_KEY}\"")
}
in my case I'm using Appcenter as CI so I added this line if we are building in CI and my CI should have my APIKEY in my system/environment variable already setup
[buildConfigField("String", "GOOGLE_PLACES_ANDROID_API_KEY", "\"${System.env.GOOGLE_PLACES_ANDROID_API_KEY}\"")](url)
and you can call it using java
Log.i(TAG, BuildConfig.GOOGLE_PLACES_ANDROID_API_KEY);
more reference
https://developer.android.com/studio/build/gradle-tips#simplify-app-development
I hope this helps!!
Related
There is any way to configure google maps api key using command line or any other way without accessing the console website? I'm trying build and release Android APKs using command line, everything is already working fine, but every Android APK has different packageId and all of them use Google Maps. How can I automate this configuration?
BB:0D:AC:74:D3:21:C1:43:67:71:9B:62:71:AF:A1:66:6A:67:5B:75;com.example.myexample1
BB:0D:AC:74:D3:21:C1:43:67:71:9B:62:71:AF:A1:66:6A:67:5B:75;com.example.myexample2
BB:0D:AC:74:D3:21:C1:43:67:71:9B:62:71:AF:A1:66:6A:67:5B:75;com.example.myexample3
No, it is not possible. You can automate the creation of those strings (SHA and package of the app), but you can't send them and retrieve the key, you have to use the web console in the browser.
You need to create the key once, so it has a very low usefulness the script via commandline
I have an android app that uses google places api to get near places...everything works fine when I leave the allowed android devices field for android api key empty...but when I add my custom certificate's SHA1 fingerprint and package I get the error that my app is not authorized...when I remove it again it works!
I think it is necessary to add this field because it prevents quota theft but why I am getting this error?
I am pretty sure of that the fingerprint and the package name are correct.
Help please
The problem is that you're using an Android API Key.
For the Places Webservice API you need to use either a Browser Key or a Server Key.
From the documentation:
If your project doesn't already have a key for server applications,
create an API key by selecting Create New Key (under "Public API
access") and then selecting Server key.
Also, this is interesting since you found out this is not true, but the documentation also states:
Note: The Google Places API Web Service does not work with an Android
or iOS API key.
Go in the Google Developer Console, click Create new Key, then click Server key
or Browser key.
This is the key that you use in your URL that returns JSON.
If you also have a Google Map, use a separate Android key for that, placed in your AndroidManifest.xml.
If you are using the Places API Web Service then you should use a Server key, as noted by Daniel Nugent above (please accept his answer, not mine).
In this case, best practice is to proxy the requests from your Mobile Application via an intermediate server.
If it is possible to do so, given your feature requirements, you should consider using the newer Places API for Android, in which case you would be able to use an Android Key.
I have a problem with connection with Google maps API V2 and Android. I' ve enabled services:
Google Maps Android API v2
Places API
Also I've added sha1 fingerprint.
But I still get this message: This IP, site or mobile application is not authorized to use this API key
I'm calling service from Android. Do you know where might be the problem, cause I don't know where to search.
You must be creating a browser key instead of an android key. I faced similar problem when I accidentely created an android key for Google Cloud Messaging instead of a server key. Please check which key is required for your purpose. For google maps v2 you need android key and for google places api you need a server key(searched google but not so sure on this one never used it). So basically you need two keys.
Update:
You need server key for places api.
Refer this tutorial.
http://www.androidhive.info/2012/08/android-working-with-google-places-and-maps-tutorial/
Step 1- Go to code.google.com/apis/console/?noredirect
Step 2- Create a new project
Step 3- Go to services and choose Places API, turn it on. This will ask your organization name and url.Fill them and click Ok.
Step 4- Now go to API Access and there will be your API Key. You don't have to click on Create new key. This will be your browser apps key which you can use in your Android Apps.
This solution worked for me perfectly.
If generating an Android App, the "Server" IP address could be any IP of any phone on any network. What do I write in the "Accept requests from these server IP addresses" box in order to have any IP address accepted?
Edit - Apologies. Apparently just leave it blank...
I just had this issue the other day, it is not actually an issue with this library.
First, make sure you're using a server API key, not an Android/iOS key (if you're doing mobile development). See this stackoverflow post: Google Places API request denied for Android autocomplete, even with the right api key . The TL;DR version of that link is that Google Places API doesn't support the Android/iOS key option, only the server option.
Second, and this goes without saying, make sure you're passing the key to the GooglePlaces instance.
Lastly, if you're restricting use of the API key by IP make sure your request is coming from an allowed address.
You don't need to create a key for using Google place API, instead just use "Key for browser apps (with referers)". But if you want to use Google Map API, you need to generate a Android Key, and you could find instruction here :https://developers.google.com/maps/documentation/android/start.
Good luck.
I got this problem too. but I SOLVED this issue only using something tricky. Go to your google console and create new key which is browser key, then let the column empty and save. you can use the key that has been created in you mobile apps now.
GOOD LUCK! *Unfortunately I can't post an image to this answer
Change your API key, you may use Android key in the URL. For to specify Key in the URL you need to get WEBSERVICE key.
I created one application and generated an api key, which worked and my app correctly renders map.
I created a second application, which is based on an Android Library project I created and I want to reuse the API_KEY of the first app. In https://code.google.com/apis/console, for my API debug project, I selected "Edit allowed Android apps...".
Then on a new line, I added the SHA1 certificate fingerprint and package name (separated by a semicolon) of my second project. So now that API Access key has the fingerprints of two apps associated with it.
However, when I test the second app on my android phone, logcat outputs
Google Maps Android API Authorization Failure.
The Certificate fingerprint of my second app is correct. My second app also references Google Play Services and is using Google API Level 16.
The second app manifest file is set up similarly to the first one, making reference to the debug API_KEY and having the same android permissions. What may I be doing wrong?
However, the recommended practice is to sign each of your applications with a different certificate and get a different key for each one.
https://developers.google.com/maps/documentation/android/start#getting_the_google_maps_android_api_v2
:D
I've previously found this helpful https://stackoverflow.com/a/13865113/935779
Make sure to export a signed copy with the same key you used to create your API key
This is often a problem when working with a Google Maps key and may very well be your issue. However, Nathvi is also correct from the documentation and you may consider a separate key if at all possible.
I'm trying to make an Autocomplete field which should fetch cities as the user types, by using the Google Places API as described in this tutorial:
https://developers.google.com/places/training/autocomplete-android
You've probably found this question around many times before as I did, but none of the answers helped me. Here are the things you should know:
The URL is
https://maps.googleapis.com/maps/api/place/autocomplete/json?sensor=false&key=myKey&components=country:ro&input=whatTheUserTypes
Please don't reply by saying you replaced the API key with your own and it worked - the API key which goes there must be Android specific and won't work from a browser.
So did I make the Android API key using the SHA1 fingerprint obtained from the keystore I signed the app with.
I turned on Maps and Places APIs from the console.
The quota isn't exceeded.
All those and it still gives me REQUEST_DENIED
What I didn't mention is that I have O2Auth activated - does that change anything? Shouldn't it be as simple as putting the API key in the app?
Thanks!
Although this has been answered, I think the community could do better.
I was tearing my hair out about this, it just didn't make sense to me.. I was making an iOS/Android App, so I made an iOS/Android Key...
Wrong.
With Google's Places API, your bundle identifier isn't even considered.
What you really want to do is this:
(I'm using the new User Interface)
1. Log into https://cloud.google.com/console#/project
Select your Project Name, then go into API's & Auth > APIs
Make sure you have Places API Turned on. This is the only thing that needs to be turned on for Places-API to work.
2. Go into Credentials
Click CREATE NEW KEY under Public API Access
3. Select BROWSER KEY
4. Click Create, Nothing Else
Leave the HTTP Refer box empty.
5. Use the Key Generated here
This key will allow ANY user from any device access to the API via your Developer login.
You can try it out here: (Be sure to replace YOUR_KEY_HERE with your generated Key)
https://maps.googleapis.com/maps/api/place/autocomplete/json?input=Food%20Sh&sensor=false&radius=500&location=0,0&key=YOUR_KEY_HERE
6. Enjoy
Now you can use that URL above in your Android/iOS device.
The Google Places API does not currently support Android or iOS keys generated from the Google APIs Console. Only Server and Browser keys are currently supported.
If you would like to request this support, please file a Places API - Feature Request.
https://developers.google.com/places/training/autocomplete-android
Storing your API key
Although the above code demonstrates how to communicate directly
between an Android app and the Places Autocomplete service, you should
not store your Places API key with your app.
You should therefore build a web application that stores your API key
and proxies the Places API services. In order to secure communication
between your Android app and the proxy web service, you should require
user authentication to your proxy web service. Your Android app can
securely store user credentials and pass them to your web service, or
the user can log into your web app via an Android WebView.
For the latter approach, your web app should create and return a user
authentication token to your Android app, and your Android app should
subsequently pass this token to your proxy web service.
Go to google cloud platform console>Credentials click on edit by selected your YOUR_API_KEY>Application restrictions > select none option>save thats it.
If you select the android apps option from Application restrictions then google deny the place API with exception REQUEST_DENIED.
In Google dev console, you should be able to find both "Places API" and "Places API for Android"
Make sure to use "Places API for Android"
For some reason, "Places API for Android" is hidden in the API list, but can be accessed using search.
I had the same issue , I fix it by leaving
Accept requests from these HTTP referrers (web sites) (Optional)
in browser key Empty
I am still new, so I cannot comment, but to shed some light on Moe's answer, I resolved some similar Google Maps API issues regarding URL queries (for directions, using Volley) with the following steps:
Get Android API Key (including Google Maps Directions API in my case).
Get "Server" API Key (which seems to be created by using a key restriction of "HTTP referrers" these days - really, it's just used to issue URL queries through HTTP).
Store the Android API key as a meta-data tag in the application tag in AndroidManifest.xml with android:name="com.google.android.maps.v2.API_KEY" and android:value as your key. This is used for direct interaction with the Maps API (minus URL queries).
Use the server API key whenever issuing URL queries.
I am not sure if this also applies to URL queries for the Places API, if you only need the server API key, or if there is a better solution, but this worked for me.
I imagine that it works with just the first key - the one not restricted to Android.
Inside Google Cloud Console type Places and Activate it. Create an API Key and insert it onto your Android Studio App as you would do normally. That`s it.
I had the same problem. For me the key was to enable billing on project. I am still using "Applications for Android" restrictions. After setting up the payment method, Places Api started working.
Prior to using the Places SDK for Android, do the following:
Follow the Get an API Key guide to get, add, and restrict an API key.
Enable billing on each of your projects.
Enable the Places API for each of your projects.
See it there.
Be sure also to check out the billing plans for the Google Places API as it is not free!