Stay organized with collections Save and categorize content based on your preferences.
Using API KeysThis page describes how to utilize API keys in API Gateway.
An API key is a simple string that identifies a Google Cloud project for quota, billing, and monitoring purposes. A developer generates an API key in a project in the Google Cloud console and embeds that key in every call to your API as a query parameter or in a request header.
If you specify an API key requirement in your API config, API Gateway uses the API key to look up the associated Google Cloud project. API Gateway rejects requests unless the API key was generated in your Google Cloud project or within other Google Cloud projects in which your API has been enabled.
Note: Unlike credentials that use short-lived tokens or signed requests, API keys function as part of the API request. As a result, API keys are vulnerable to man-in-the-middle attacks and may not be as secure as other authentication credentials. You can use API keys in addition to one of the other supported forms of authentication, but we do not recommend using only API keys when API calls contain sensitive data.To create an API key, or view API keys already available within your Google Cloud project, go to the APIs & Services > Credentials page.
Use caseTo use API Gateway features such as quotas, you can pass in an API key so that API Gateway can identify the Google Cloud project that the client application is associated with.
About API key authentication for API GatewayIf you are using an API key for authentication, you must first enable API key support for your service.
Enter the following command:
gcloud services enable MANAGED_SERVICE_NAME
The MANAGED_SERVICE_NAME specifies the name of the managed service created when you deployed the API. You can find this name in the Managed Service column for your API on the APIs landing page in the console. Alternatively, you can find this name in the Managed service property when using the gcloud api-gateway apis describe command.
For example:
gcloud services enable my-api-a12bcd345e67f89g0h.apigateway.my-project.cloud.googRestricting API keys
API keys are unrestricted by default. Unrestricted keys are insecure because they can be used by anyone from anywhere. We recommend that you add API restrictions where possible. API restrictions specify which APIs can be called using the API key. All API keys used by production applications should have API restrictions.
To add API restrictions:
Find the title of the API as noted in your API Config. In the following example, the API title is My Example Config:
# openapi.yaml swagger: '2.0' info: title: My Example Config description: Sample API on API Gateway version: 1.0.0 ...
In the Google Cloud console, go to the APIs & Services > Credentials page.
Select the name of the API key you wish to use for your API.
In the API restrictions section of the API key detail page, click Restrict key.
Select the API that your API key will be used to access from the dropdown list of available APIs. For example, if using the example config above, select My Example Config.
Click Save.
Your restriction should take effect momentarily.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-08-07 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-07 UTC."],[[["API keys are simple strings used to identify a Google Cloud project for quota, billing, and monitoring in API Gateway."],["API Gateway requires API keys generated within your Google Cloud project, or projects where your API is enabled, to authorize requests."],["While useful for features like quotas, API keys are vulnerable to man-in-the-middle attacks and should not be the sole form of authentication for sensitive data."],["Enabling API key support for a service requires using the `gcloud services enable MANAGED_SERVICE_NAME` command, specifying the managed service's name."],["For security, API keys should be restricted to specific APIs through the Google Cloud console's **APIs & Services \u003e Credentials** page, ensuring they are not used by unauthorized parties."]]],[]]
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4