{"id":32698,"date":"2021-01-18T12:00:46","date_gmt":"2021-01-18T12:00:46","guid":{"rendered":"https:\/\/www.testpreptraining.com\/tutorial\/?page_id=32698"},"modified":"2021-01-18T12:00:47","modified_gmt":"2021-01-18T12:00:47","slug":"api-best-practices","status":"publish","type":"page","link":"https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/","title":{"rendered":"API best practices"},"content":{"rendered":"\n<p><strong><a href=\"https:\/\/www.testpreptraining.ai\/tutorial\/google-certified-professional-cloud-architect\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go back to GCP Tutorials<\/a><\/strong><\/p>\n\n\n\n<p>In this we will learn and understand about the API best practices.<\/p>\n\n\n\n<p>API keys are required for apps and projects that use the Google Maps Platform APIs and SDKs. However, API keys are project-centric credentials that serve two purposes:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, Project Identification.<ul><li>Identify the app or the project that&#8217;s making a call to the API or SDK.<\/li><\/ul><\/li><li>Secondly, Project Authorization.<ul><li>Check whether the calling app has been granted access to call the API or SDK and has enabled the API or SDK in the project.<\/li><\/ul><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Protecting API keys<\/strong><\/h4>\n\n\n\n<p>You should secure the API keys in your application for all Google Maps Platform products that your application uses. You can secure API keys by designating restrictions and by implementing best practices that are appropriate for the Google Maps Platform APIs in your application. Publicly exposing unsecured credentials can result in unintended use, which could lead to unexpected charges on your account.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><a href=\"https:\/\/www.testpreptraining.ai\/google-cloud-certified-professional-cloud-architect-free-practice-test\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" width=\"750\" height=\"117\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/01\/Google-Certified-Professional-Cloud-Architect-prac-tests-750x117.png\" alt=\"gcp cloud architect practice tests\" class=\"wp-image-31460\" srcset=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/01\/Google-Certified-Professional-Cloud-Architect-prac-tests-750x117.png 750w, https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/01\/Google-Certified-Professional-Cloud-Architect-prac-tests.png 961w\" sizes=\"auto, (max-width: 750px) 100vw, 750px\" \/><\/a><\/figure><\/div>\n\n\n\n<h6 class=\"wp-block-heading\">The following practices describe strategies to help protect your API keys. <\/h6>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, Restrict your API keys. You can best protect your API key by restricting it to specific IP addresses, referrer URLs or mobile apps, and specific APIs, as this significantly reduces the impact of a key compromise.<\/li><li>Secondly, use independent API keys for different apps. This limits the scope of each key. If an API key is compromised, you can delete and revoke the impacted key without needing to update your other API keys.<\/li><li>Thirdly, delete unneeded API keys.<\/li><li>Fourthly, exercise caution when regenerating API keys. If the time needed to migrate your apps from the old API key to the new, regenerated API key exceeds 24 hours, the instances that are not updated will become broken as they reference the old key, which is destroyed 24 hours after regeneration.<\/li><li>Then, Monitor usage of your API for anomalies. If you observe unauthorized usage, rotate your keys, and notify Google.<\/li><li>After that, on apps that use Maps Web Service APIs or Static Web APIs, use the following methods to safeguard your apps and API keys:<ul><li>Do not embed API keys or signing secrets directly in the code. <\/li><li>Do not store API keys or signing secrets in files inside your application&#8217;s source tree. <\/li><li>Review your code before publicly releasing it. <\/li><\/ul><\/li><li>Lastly, on mobile apps that use Web Service APIs or Static Web APIs, consider one or more of the following techniques to further safeguard your API keys or signing secrets:<ul><li>Use a proxy server. <\/li><li>Obfuscate or encrypt the API key or signing secret.<\/li><li>Use CA pinning or certificate pinning to verify the server resources are valid. <\/li><\/ul><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Restricting API keys<\/strong><\/h4>\n\n\n\n<p>API keys are credentials, and you should manage them carefully. At a minimum, follow the recommendations below to keep your keys safe, and to make sure that you have restrictions in place to reduce the impact of compromised API keys. However, you can restrict an API key by specifying an Application restriction, or one or more API restrictions.<\/p>\n\n\n\n<p>Application restrictions limit the usage of API keys to specific sites (IP address and web site) or specific platforms. You can select at most one restriction from this category (see Google Maps Platform APIs by Platform). Next, API restrictions limit the usage of API keys to one or more Google Maps Platform APIs or SDKs. Requests to use APIs or SDKs associated with an API key will be processed. Requests to use APIs or SDKs not associated with an API key will fail. For an API key, you can specify as many API restrictions as needed. <\/p>\n\n\n\n<p><strong>To set an API restriction for an API key<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, go to the credentials panel.<\/li><li>Secondly, select the API key that you want to restrict.<ul><li>The Restrict and rename API key page appears.<\/li><\/ul><\/li><li>Thirdly, under API restrictions:<ul><li>Click Restrict Key.<\/li><li>Click the Select APIs drop-down and select the APIs or SDKs you want your application to access using the API key.<\/li><\/ul><\/li><li>Lastly, click Save.<ul><li>The restriction becomes part of the API key definition after this step. If you fail to provide the appropriate details or do not click \u201cSave\u201d, the API key will not be restricted.<\/li><\/ul><\/li><\/ul>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><a href=\"https:\/\/www.testpreptraining.ai\/google-cloud-certified-professional-cloud-architect-practice-exam\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" width=\"750\" height=\"117\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/01\/Google-Certified-Professional-Cloud-Architect-online-course-750x117.png\" alt=\"API best practices GCP cloud architect  online course\" class=\"wp-image-31461\" srcset=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/01\/Google-Certified-Professional-Cloud-Architect-online-course-750x117.png 750w, https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/01\/Google-Certified-Professional-Cloud-Architect-online-course.png 961w\" sizes=\"auto, (max-width: 750px) 100vw, 750px\" \/><\/a><\/figure><\/div>\n\n\n\n<p><strong>Reference:<\/strong> <a href=\"https:\/\/developers.google.com\/maps\/api-key-best-practices\" target=\"_blank\" rel=\"noreferrer noopener\">Google Documentation<\/a><\/p>\n\n\n\n<p><strong><a href=\"https:\/\/www.testpreptraining.ai\/tutorial\/google-certified-professional-cloud-architect\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go back to GCP Tutorials<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Go back to GCP Tutorials In this we will learn and understand about the API best practices. API keys are required for apps and projects that use the Google Maps Platform APIs and SDKs. However, API keys are project-centric credentials that serve two purposes: Firstly, Project Identification. Identify the app or the project that&#8217;s making&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[],"tags":[],"class_list":["post-32698","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>API best practices - Testprep Training Online Tutorials<\/title>\n<meta name=\"description\" content=\"Enhance your knowledge about API best practices using the Google Certified Professional Cloud Architect Online Course and Tutorial Now!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"API best practices - Testprep Training Online Tutorials\" \/>\n<meta property=\"og:description\" content=\"Enhance your knowledge about API best practices using the Google Certified Professional Cloud Architect Online Course and Tutorial Now!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/\" \/>\n<meta property=\"og:site_name\" content=\"Testprep Training Tutorials\" \/>\n<meta property=\"article:modified_time\" content=\"2021-01-18T12:00:47+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/01\/Google-Certified-Professional-Cloud-Architect-prac-tests-750x117.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/\",\"name\":\"API best practices - Testprep Training Online Tutorials\",\"isPartOf\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\"},\"datePublished\":\"2021-01-18T12:00:46+00:00\",\"dateModified\":\"2021-01-18T12:00:47+00:00\",\"description\":\"Enhance your knowledge about API best practices using the Google Certified Professional Cloud Architect Online Course and Tutorial Now!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"API best practices\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"name\":\"Testprep Training Tutorials\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\",\"name\":\"Testprep Training\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"contentUrl\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"width\":583,\"height\":153,\"caption\":\"Testprep Training\"},\"image\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"API best practices - Testprep Training Online Tutorials","description":"Enhance your knowledge about API best practices using the Google Certified Professional Cloud Architect Online Course and Tutorial Now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/","og_locale":"en_US","og_type":"article","og_title":"API best practices - Testprep Training Online Tutorials","og_description":"Enhance your knowledge about API best practices using the Google Certified Professional Cloud Architect Online Course and Tutorial Now!","og_url":"https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/","og_site_name":"Testprep Training Tutorials","article_modified_time":"2021-01-18T12:00:47+00:00","og_image":[{"url":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/01\/Google-Certified-Professional-Cloud-Architect-prac-tests-750x117.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/","url":"https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/","name":"API best practices - Testprep Training Online Tutorials","isPartOf":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website"},"datePublished":"2021-01-18T12:00:46+00:00","dateModified":"2021-01-18T12:00:47+00:00","description":"Enhance your knowledge about API best practices using the Google Certified Professional Cloud Architect Online Course and Tutorial Now!","breadcrumb":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/api-best-practices\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.testpreptraining.ai\/tutorial\/"},{"@type":"ListItem","position":2,"name":"API best practices"}]},{"@type":"WebSite","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","name":"Testprep Training Tutorials","description":"","publisher":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization","name":"Testprep Training","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/","url":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","contentUrl":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","width":583,"height":153,"caption":"Testprep Training"},"image":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/32698","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/comments?post=32698"}],"version-history":[{"count":8,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/32698\/revisions"}],"predecessor-version":[{"id":32929,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/32698\/revisions\/32929"}],"wp:attachment":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/media?parent=32698"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/categories?post=32698"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/tags?post=32698"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}