# Secure Your Google Maps API Key

Google offers a robust and secure method for using your API key, making it easy to manage while ensuring it is only utilized on your designated websites. This approach enhances both security and ease of use, providing peace of mind as you integrate your API.

If you have already created the API key, follow the below steps to apply the restrictions for utilising it only on specified websites :

### Step 1: Access API Credentials

1. Open **Google Cloud Console**.
2. Navigate to **APIs & Services** → **Credentials**.
3. Locate your **API key** and click on it to edit the restrictions.

<figure><img src="/files/0wiREaE48H3j3yVU16T7" alt=""><figcaption></figcaption></figure>

### Step 2: Set Application Restrictions

1. In the **Application restrictions** section, select **Websites**.
2. This limits the API key usage to specific domains only.

<figure><img src="/files/NLPkdfofn5ufGO55UWgZ" alt=""><figcaption></figcaption></figure>

### Step 3: Add Website Restrictions

In the **Website restrictions** field, enter your store domains **without** `https://`, as shown below.

<figure><img src="/files/06OMmu0KUshL64vAgyHA" alt=""><figcaption></figcaption></figure>

Example entries:

```
example.com
*.example.com
```

Required domains for Shopify and the app:

```
example.myshopify.com
*.shopifypreview.com
*.spicegems.com
```

{% hint style="info" %}
**Important notes:**

* Replace `example.com` with your actual store domain.
* If your store uses a `www` prefix (e.g., `www.example.com)` you do **not** need to add it separately. Using `example.com` is sufficient.
  {% endhint %}

### Step 4: Apply API Restrictions

1. Scroll to the **API restrictions** section.
2. Select the **Restrict key**.
3. Choose the required **API services** from the list (based on your integration needs).

<figure><img src="/files/OojGdfRP8FNxnAWfi63C" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
Note: Following API services must be added.

Geolocation API\
Geocoding API\
Maps Javascript API\
Places API\
Places API (new)
{% endhint %}

### Step 5: Save Your Changes

1. Click **Save** at the bottom of the page.
2. Your API key restrictions will now be applied and enforced.

<figure><img src="/files/fj2W8dOzLBNKrvghllM7" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.spicegems.com/esl-easy-store-locator/google-maps/secure-your-google-maps-api-key.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.