Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Google Endpoints and Public Api Key

To use a Google service you can use OAuth authentication, or, if you don't need to log the user in, you can use a public api key, defining authorized domain as origin of the request. Now, I'm writing my own API using google endpoints and I will allow users to use my APIs with a public api key, and not using OAuth, there are any built-in method to do so in GAE, or I have to write my own code to verify the api key and the origin of the request to my APIs?

like image 373
Cattani Simone Avatar asked Nov 11 '22 08:11

Cattani Simone


1 Answers

If you are using a client key you can limit those who can access your API by defining a list of referrers in the google console, if you are using the server API key you can limit it by defining a list of IP's which I believe can't be done with GAE since we don't no the server IP which can be changed any time.

like image 55
montss Avatar answered Dec 20 '22 03:12

montss