Showing results for 
Search instead for 
Did you mean: 
Not applicable

Google API Key in Power Apps

In order to leverage Google Static Maps in power apps an Google API key needs to be used.  Does anyone know how to apply apropraite key resrictions to prevent missuse of API key outside of Power Apps? Resricting to within particular power apps is event better. Here are the options I see in the Console:


Key restriction

This key is unrestricted. To prevent unauthorized use and quota theft, restrict your key.
Key restriction lets you specify which web sites, IP addresses, or apps can use this key.Learn more

  • None
  • HTTP referrers (web sites)
  • IP addresses (web servers, cron jobs, etc.)
  • Android apps
  • iOS apps
More Android Details: 

Restrict usage to your Android apps (Optional)

Add your package name and SHA-1 signing-certificate fingerprint to restrict usage to your Android apps
Get the package name from your AndroidManifest.xml file. Then use the following command to get the fingerprint:


More iOS Details

Accept requests from an iOS application with one of these bundle identifiers (Optional)

Community Support
Community Support

Hi @Anonymous,


Please take a look at the blog below for how to work with the BingMap API or Google Map API within PowerApps:

Displaying a Map using an Image control in PowerApps and Bing Maps or Google Maps API


Here within PowerApps, the API key is used together with the Map URL, if you would like user to only use this API, then you may just hardcode the API key within the URL, without providing the Key Input text.

By doing this, the key can only be be used within the App.

For example:

FOr the Google Map API, under the image property of image control, enter:

"" & EncodeUrl(txtLocation.Text) & "&size=" & txtImageWidth & "x" & txtImageHeight & "&key=XXXXXXXXXXXX"

Just replace 'XXXXXXXXXX' with the API key.




Community Support Team _ Michael Shao
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Not applicable

Hi Michael,

That document was incredibly helpful when I origionally got started on Static Maps. As a developer who maintains those API keys I am concerned about the security of imbeding the API key in the power app. That is the core of my question. I have temporarily setup the API as unrsericted and it is working in my app. 


Anyone that opens the app in the browser can pretty easily steal the API key by right clicking the image and inspecting the URL in a browser or loading a simulator for the iOS or Android app. Idealy I'd like to resrict it by app ID or website as the origionating source. As Power Apps is a container app for many diffrent apps I don't see how that can be done without leaving the API open to anyone else's power apps. Hoping someone can give me direction.




Helpful resources

PA User Group

Welcome to the User Group Public Preview

Check out new user group experience and if you are a leader please create your group

MBAS Attendee Badge

Claim Your Badge & Digital Swag!

Check out how to claim yours today!


Are Your Ready?

Test your skills now with the Cloud Skill Challenge.


Demo Extravaganza is Back!

We are excited to announce that Demo Extravaganza for 2021 has started!

MBAS on Demand

Microsoft Business Applications Summit sessions

On-demand access to all the great content presented by the product teams and community members! #MSBizAppsSummit #CommunityRocks

Top Solution Authors
Top Kudoed Authors
Users online (48,540)