How to restrict A Youtube API key for mobile App

This follows the previous post on restricting your YouTube API Key for your mobile apps.

If you’ve followed the previous post of getting your API key from Google Cloud Console, you would have read the option of restricting your API key for your mobile app.
So let’s get into the process of obtaining your mobile app API key

WARNING: This post requires you to know about security keys and assumes that you are familiar with Android Studio.

Alright, let’s get cracking…
Following from the previous post, we have already created an API Key for our website. Now let’s create a new API Key that you can secure for your apps.
Click on ‘Create Credentials’ and choose API Key.


Wait for a short while and let Google provide you with a new API Key.
Now let’s restrict it by clicking on ‘Restrict Key’.
This takes us to the ‘Credentials’ page where you can name your API Key for your reference.
For our purposes, I am going to restrict the API key for ‘Android apps’. You can do the same for iOS, just remember to change the files in your code editor accordingly.


Android apps require you to create a keystore certificate fingerprint for your specific app.
In order to do this, we need to click ‘Add An Item’ under Restrict Usage to your Android apps.
This requires a SHA-1 fingerprint which you can get from clicking here or following this post: https://teamtreehouse.com/community/guide-getting-sha1-key-for-a-windows-system


Restricting your API key also requires you to place your android Package name. You should have this already when you built your android app or if you are unsure, go to the Gradle file of your android app. You will get your Package name from the applicationId section as shown below:

Now to get your SHA Certificate, use the Command program from Windows or Mac or simply copy/type it into your terminal in Android Studio.

For Windows:-

keytool -list -v \ -alias androiddebugkey -keystore %USERPROFILE%.android\debug.keystore

OR you can use the following:

keytool -list -v -keystore C:\Users\your_user_name.android\debug.keystore -alias androiddebugkey -storepass android -keypass android

For Mac/Linux:-

keytool -list -v \ -alias androiddebugkey -keystore ~/.android/debug.keystore

And then just click ‘Save’.

To Enable your API to work properly, Google sometimes requires that you add the correct billing details to that project that your API key is in.
To do this, go to the Google Cloud Platform menu on the left, click it and search for ‘Billing’.
Once you do that, it will take you to the billing page.
Click on the ‘Account Manage’ option in the menu. When the page has loaded, make sure that it shows your project is linked to the billing account.

And that’s it. You have now secured your api key to your android app.

Conclusion:

  1. In your Google Console, after creating your project and enabling the API, click on ‘Restrict Key’.
  2. Make sure to have keytool installed on your computer.
  3. Make sure to have your SHA-1 certificate at hand.
  4. Make sure you have your Android Package name at hand.
  5. Add the details of SHA-1 and package name to your API Key restrictions.
  6. Save the details and check your project’s connection to your restricted API key.
  7. Enjoy your restricted API service.

If this post was helpful, be free to let me know in the comments below.
Stay awesome!

Join to get updates

Similar Posts

API Link chain

What Is An API

Have you ever wondered what API really means and what it’s supposed to do? Find out in this post.

Read More »
No more posts to show