有关Google Cloud Platform(GCP)API密钥的Google Play安全警报 [英] Google Play Security alert about Google Cloud Platform (GCP) API keys

问题描述

我们在多个平台(Android，iOS，Web)上使用GCP API密钥进行Google地图，位置搜索(api/place/autocomplete)，静态Google Map等. 现在，我想为Android App创建一个新的/单独的密钥，以便可以添加适当的限制，例如程序包名称SHA1和使用的API.

We were using a GCP API key on multiple platforms (Android, iOS, Web) for Google map, Location search (api/place/autocomplete), static Google Map, etc. Now I wanted to create a new/separate Key for Android App so I can add appropriate restrictions like package name SHA1 and used APIs.

我创建了一个新密钥，在该地图可以正常工作后将其更改为App，但是位置搜索API一直抛出异常- This IP, site or mobile application is not authorized to use this API key. Request received from IP address <ip>, with empty referer",

I've created a new key, Changed it into the App after that map is working fine but Location search API is kept throwing an exception- This IP, site or mobile application is not authorized to use this API key. Request received from IP address <ip>, with empty referer",

有人遇到这个问题吗?或任何提示，我应该如何调试呢?

Has anyone faced this issue? Or any clue that how should I debug this?

推荐答案

您不能使用受Android或iOS限制的API密钥发出Web服务请求. Web服务是服务器端的，并且只能与受IP地址限制的API密钥一起使用.

You cannot make web service requests using an API key that is Android or iOS restricted. Web services are server-side and only work with API keys that are restricted by IP address.

应根据使用的API适当限制每个API密钥.

Each of your API keys should be restricted properly based on the API in use.

对于网络服务，请使用IP受限的API密钥.
对于客户端服务，请使用HTTP引用程序限制的API密钥.
对于 Android 或

For web services, use an IP-restricted API key.
For client-side services, use an HTTP referrer-restricted API key.
For Maps and Places SDK for Android or iOS, use an Android/iOS restricted API key.

要了解有关Google Maps API的API密钥限制的更多信息，请查看以下资源: https://developers.google.com/maps/faq#keysystem
https://developers.google.com/maps/api-key- best-practices#restrict_apikey

To learn more on API key restrictions for Google Maps APIs please check out these resources: https://developers.google.com/maps/faq#keysystem
https://developers.google.com/maps/api-key-best-practices#restrict_apikey

希望这可以澄清您的问题！

Hope this clarifies your question!

这篇关于有关Google Cloud Platform(GCP)API密钥的Google Play安全警报的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！