cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Anonymous
Not applicable

Google API Key in Power Apps

In order to leverage Google Static Maps in power apps an Google API key needs to be used.  Does anyone know how to apply apropraite key resrictions to prevent missuse of API key outside of Power Apps? Resricting to within particular power apps is event better. Here are the options I see in the Console:

 

Key restriction

This key is unrestricted. To prevent unauthorized use and quota theft, restrict your key.
Key restriction lets you specify which web sites, IP addresses, or apps can use this key.Learn more

  • None
  • HTTP referrers (web sites)
  • IP addresses (web servers, cron jobs, etc.)
  • Android apps
  • iOS apps
More Android Details: 

Restrict usage to your Android apps (Optional)

Add your package name and SHA-1 signing-certificate fingerprint to restrict usage to your Android apps
Get the package name from your AndroidManifest.xml file. Then use the following command to get the fingerprint:

 

More iOS Details

Accept requests from an iOS application with one of these bundle identifiers (Optional)

2 REPLIES 2
Community Support
Community Support

Re: Google API Key in Power Apps

Hi @Anonymous,

 

Please take a look at the blog below for how to work with the BingMap API or Google Map API within PowerApps:

Displaying a Map using an Image control in PowerApps and Bing Maps or Google Maps API

 

Here within PowerApps, the API key is used together with the Map URL, if you would like user to only use this API, then you may just hardcode the API key within the URL, without providing the Key Input text.

By doing this, the key can only be be used within the App.

For example:

FOr the Google Map API, under the image property of image control, enter:

"https://maps.googleapis.com/maps/api/staticmap?center=" & EncodeUrl(txtLocation.Text) & "&size=" & txtImageWidth & "x" & txtImageHeight & "&key=XXXXXXXXXXXX"

Just replace 'XXXXXXXXXX' with the API key.

 

Regards,

Michael

Community Support Team _ Michael Shao
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Anonymous
Not applicable

Re: Google API Key in Power Apps

Hi Michael,

That document was incredibly helpful when I origionally got started on Static Maps. As a developer who maintains those API keys I am concerned about the security of imbeding the API key in the power app. That is the core of my question. I have temporarily setup the API as unrsericted and it is working in my app. 

 

Anyone that opens the app in the browser can pretty easily steal the API key by right clicking the image and inspecting the URL in a browser or loading a simulator for the iOS or Android app. Idealy I'd like to resrict it by app ID or website as the origionating source. As Power Apps is a container app for many diffrent apps I don't see how that can be done without leaving the API open to anyone else's power apps. Hoping someone can give me direction.

 

Regards

Brandon

Helpful resources

Announcements
MBAS Gallery 2020

MBAS Gallery 2020

Watch Microsoft Business Applications Summit sessions on-demand.

firstImage

New Ranks and Rank Icons released on April 21!

The time has come: We are finally able to share more details on the brand-new ranks coming to the Power Apps Community!

Top Solution Authors
Top Kudoed Authors
Users online (6,655)