To use a Google service you can use OAuth authentication, or, if you don't need to log the user in, you can use a public api key, defining authorized domain as origin of the request. Now, I'm writing my own API using google endpoints and I will allow users to use my APIs with a public api key, and not using OAuth, there are any built-in method to do so in GAE, or I have to write my own code to verify the api key and the origin of the request to my APIs?
If you are using a client key you can limit those who can access your API by defining a list of referrers in the google console, if you are using the server API key you can limit it by defining a list of IP's which I believe can't be done with GAE since we don't no the server IP which can be changed any time.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With