问题
I enabled Google Distance Matrix API and restricted the key for Android Apps because I will be sending http queries from my android app to receive json response:
Without restriction, it works and I get expected result. But when it's restricted (with my package name and SHA1) I get a failure message in the json object with a "REQUEST_DENIED" status saying:
This IP, site or mobile application is not authorized to use this API key. Request received from IP address [ip_addr], with empty referer.
From other posts I understand that the Distance Matrix API must be used with a Server Key, but in this new Google Console there's no option for a Server Key; you just create a key and choose a restriction from the above.
Firebase Console creates a Server Key and I can use it in my android app but without restriction.
So how do I restrict this key to using Distance Matrix API only from my android app?
回答1:
Please note that Android app restriction is valid only for Google Maps Android API v2 and Google Maps Places for Android. Web services (e.g. Distance Matrix API) will not work with this restriction.
The restrictions that will work with an API keys for web services are IP restrictions.
It is supposed that web services requests are executed on your backend servers. If you need to restrict an API key, the workaround is to create an intermediate server. Your Android application should send requests to the intermediate server, intermediate server should send requests to Google and pass responses back to your app. In this case you can restrict an API key by IP address of your intermediate server.
来源:https://stackoverflow.com/questions/40661405/can-an-android-app-restricted-api-key-be-used-for-google-distance-matrix