This blog will be helpful for those who do not have a clear idea regarding Google Places and securing its API Key.
Place API is a completely “pay as you go” service model that permits applications to implant and scout from the Google Places database and utilize it on their own apps. However, these API Keys have certain security layouts for shutting up uncertified usage for people with malicious intent.
Although these API Keys are devised and planned as public API keys and do not have any heavy impact concerning user data integrity or confidentiality, these security measures are still important enough to be executed to prevent unwarranted usage.
Today, securing and restricting your Google Places API Key is as important as having a three-course meal a day. If the security standards are not checked and configured properly, a company can face a heavy financial loss, which is simply not good for the business.
So, before moving forward, let’s check out what Google Places and its API keys are all about. Also, we will find out how to create the key and configure the security settings in a few easy steps to eliminate malicious users from hampering your business.
What Is Meant by the Term “Google Places”?
If you are not well acquainted with the Google Places platform, it’s high time to pace up, especially if you’re running a brick-and-mortar store. The Google Places platform permits users to have a map that displays the location of your company next to your website on the search results.
Google Places is generally Google’s listing for numerous local business search results. It pops up at the top of the Google search results when users are seeking local information. It works by showing users the business locations on a small map that are enrolled and certified with Google Places.
Google Places API – What Is It?
There are many reasons why the Google Places platform is so important. This API key is basically the key to display your online presence, and it is important to get it to showcase Google Places on your website.
Places API is a service that provides information about countless places utilizing HTTP requests. Here, places are usually elucidated inside this API as establishments, notable areas of interest, and geographical locations.
There are basically five different kinds of requests that exist within the API. They are:
- Place Search: It gives a detailed list of places based on a user’s search string and location.
- Place Details: It lays out complete information about the particular place, along with user reviews.
- Place Photos: It permits users to access the place-based photos securely stored in Google’s Place database.
- Place Autocomplete: It auto-fills the address or name of a particular place when users type.
- Query Autocomplete: It provides service based on query prediction for text-based geographical location searches and puts forward recommended queries when users type.
One needs to have a key to work with Google’s Place API, and it is included with each Places API request. So, without further ado, let’s find out how to extract the key for Google Places API and what it is all about.
Google Places API Key – How to Create?
The Google Places API Key is a distinctive identifier that helps verify requests linked with your project for billing and usage-related purposes. With the use of an API key to validate requests, you can:
- Manage and regulate your APIs in Google Cloud Console;
- Fetch live usage data and monthly usage of historical data in the Google Cloud Platform Console;
- Monitor more than 30 days of data usage reports in the Google Cloud Support Portal.
How to Get Your API Key?
To obtain your API key, you need to follow certain steps. They are listed below.
- Step 1
Open ‘Google API Console’
- Step 2
Click on the “Select a project” drop-down menu and choose the project created for you.
- Step 3
Click ‘Enable APIs and Services’ on the project page.
- Step 4
The search box that appears after enabling, type ‘Places API’. From the search results, select ‘Places API’ and click on the ‘Enable’ option.
- Step 5
Click on the ‘Credential tab’ and “Create Credential / API Key” buttons on the ‘Places API’ page.
- Step 6
Your new API key is now registered on the credentials page under the API Keys section.
*Tip: You can also root for the SKU Basic Data Plan which is also helpful for the project.
How to Secure and Put Restrictions to Your Google Places API Key
One should always take into account that Google highly advises you to secure your API key. The restrictions allow an extra layer of security and guarantee only certified requests are created with your API Key.
However, there exist two restrictions, and setting up both is highly recommended. They are:
- Application Restriction: This feature permits you to check the usage of the API keys to either web servers, mobile apps, or websites. There’s only one limitation from this section that can be selected.
- API Restriction: This kind of restriction limits the usage of the API keys to one or more SDKs or APIs.
If you want your API Key to be secure, you need to:
- Step 1
Go to Google Cloud Console (https://console.cloud.google.com/).
- Step 2
Select the project drop-down menu and choose the project consisting of the API Key you wish to secure.
- Step 3
Select the menu option and click the APIs and Services.
- Step 4
Following this, the Credentials page will appear.
- Step 5
On the Credentials page, choose the API Key name you want to secure.
- Step 6
Now, on the Restrict and Rename API Key page, lay down and adjust the restrictions.
*Tip: Keep in mind that Places API is inoperative with an iOS or Android restricted API Key.
After successfully setting the restrictions to secure your Places API Key, don’t forget to click the Save button.
Frequently Asked Questions
Q1. Does Google Places API come for free?
No. Places API comes with a “pay-as-you-go” pricing model. It is billed by SKU (Stock Keeping Unit). The factors which determine the overall cost are laid down:
- Basic Data
- Contact Data
- Atmosphere Data
- Autocomplete – Per Request
- Autocomplete without Places Details – Per Session
- Autocomplete (including Places Details) – Per Session
- Query Autocomplete – Per Request
- Places Details
- Places Details – ID Refresh
- Find Place
- Find Place – ID only
- Nearby search
- Text search
- Places photo
Q2. How to use Google Places API?
It’s easy. Firstly, you need to extract an API Key. You can easily carry it out through your Cloud Console by clicking on the project drop-down menu and selecting the project that’s created for you.
Q3. Will I be able to edit or add places?
Yes, only if you are the proprietor of the business. You can freely do it on Google Maps by using Google My Business. You can even suggest edit changes, despite being the owner of a particular place.
Q4. What are the things that need configuration to ensure the security of my Places API Key?
- HTTP Referrers;
- IP Addresses
The API Keys not meeting the above-mentioned security configurations can help malicious users gobble your business’s monthly quota or simply over-bill with uncertified usage of this service, resulting in financial damage to your business, and that’s certainly not good for you.
The Key Takeaway
Securing your Places API Key guarantees your Google Places Platform account is safe and secure. Just like keeping the keys of your car or house is important and necessary, the same goes with securing your Places API keys.
As you can see from the steps mentioned above, it’s very easy and painless to create and secure the Places API Key. Even someone with no prior knowledge of this process can easily get the job done in less than five minutes by following these steps, restricting malicious users quite effectively.
Zazz, as a leading API development company, insists you restrict and secure your Places API keys when you generate them in the Google Cloud Console. You can also easily make further changes to the API restrictions in the future if it is needed.