How to restrict google maps api key for usage in xamarin forms?
Hello,
I am consuming some google maps place api endpoints from my app, using http client.
So basically, it's like consuming it from postman or from any web client.
Something like this:
var response = await client.GetStringAsync($"https://maps.googleapis.com/maps/api/place/autocomplete/json?key={apiKey}&input={searchText}");
Everything works when I don't restrict the key, but once I restrict it (in this case I am on android), I always get this result:
{
"error_message" : "This IP, site or mobile application is not authorized to use this API key. Request received from IP address 209.206.117.25, with empty referer",
"predictions" : [],
"status" : "REQUEST_DENIED"
}
This is how I restricted the key (using the debug keystore and the production keystore):
At this point, because I am consuming the API using httpclient and not some native way to do it, I don't know how to restrict this key in order to make it work without errors and at the same time restrict it to be used by this app only.
The alternative is to use the backend as a middleware and restrict the API keys using the HTTP or IP option, but I would rather avoid extra work on the backend.
Any advice? Thanks!