Protecting your Google Maps API key from unauthorized use - Setting up website restrictions (HTTP referrers)
This article covers how to set up HTTP referrers for your Google Maps API key to ensure your API key is not misused by an unauthorized party
Once you have set up your API key, please return to theΒ Google API Manager.
- Please check that you have selected the API project that your API key was created against
- ClickΒ CredentialsΒ in the left-hand menu in the Dashboard.
- Select the three dots, in the Action Column next to your API key, and then select Edit API key
Scroll to Set an application restriction and select Websites
In the Website restrictions section click on the ADD button, this will reveal an input box where you can add the domain/s you would like to lock your API key to. In the Add website input box please add your domain name in the following format (note there is no dot between the first asterisk and the domain),
and then select DONE.
If you maintain additional sub domains where the API key will also be used, an additional entry can be added in the following format (note in this instance, there is a dot between the first asterisk and the domain name.
and then select DONE.
Once you have added your website restrictions scroll to the bottom of the page and select the SAVE button
