Member-only story
Securing Cloud Endpoints APIs with API Keys
Abstract
API keys are not meant to be a powerful mechanism to protect your APIs from malicious actors but definitely a good one for limiting your APIs access using quotas, possible charge your users with some fees (billing) and understanding how your users are using your API (monitoring).
If you want to use Endpoints features such Quotas, each request must pass an API key so that Endpoints can identify the Google Cloud Project that the client application is associated with.
Previously we created an API and set the configuration in Cloud Endpoint. We are now adding a layer of authorization to that API.
Stop this madness and show me the code.
API Keys
An API key is a simple encrypted string that identifies a Google Cloud project for quota, billing, and monitoring purposes
Cloud Endpoints allows you to expose your services to the world. API keys are unique identifiers that are used to authenticate requests to against Cloud Endpoints. When a client makes a request to your Cloud Endpoint, it must include the API key in the request header. Your Cloud Endpoint will…
