Get API Key

To use the Maps SDK for Android, you must get an API key which you can then add to your mobile app, website, or web server. The API key is used to track API requests associated with your project for usage and billing. To learn more about API keys, see the API Key Best Practices and the FAQs.

Console

You can use the Google Cloud Platform Console to manage projects, get API keys, and add API key restrictions. For more information about the console, see Google Cloud Platform Console Help.

Quick guide

Step 1. Get an API key

Click the button below, to get an API key using the Google Cloud Platform Console. You will be asked to (1) pick one or more products, (2) select or create a project, and (3) set up a billing account. Once your API key is created you will be prompted to restrict the key's usage. (For more information, see Restricting an API key.)

Get Started

Step 2. Add the API key to your app

Follow the steps below to include the API key in your application's manifest, contained in the file AndroidManifest.xml.

  1. In AndroidManifest.xml, add the following element as a child of the <application> element, by inserting it just before the closing </application> tag: 
        <meta-data
        android:name="com.google.android.geo.API_KEY"
        android:value="YOUR_API_KEY"/>

    Substitute your API key for YOUR_API_KEY in the value attribute. This element sets the key com.google.android.geo.API_KEY to the value of your API key.

  2. Save AndroidManifest.xml and re-build your application.

Note: As shown above, com.google.android.geo.API_KEY is the recommended metadata name for the API key. A key with this name can be used to authenticate to multiple Google Maps-based APIs on the Android platform, including the Maps SDK for Android. For backwards compatibility, the API also supports the name com.google.android.maps.v2.API_KEY. This legacy name allows authentication to the Android Maps API v2 only. An application can specify only one of the API key metadata names. If both are specified, the API throws an exception.

Detailed guide

Follow these steps to get an API key and add restrictions:

  1. Go to the Google Cloud Platform Console.
  2. From the Project drop-down menu, select or create the project for which you want to add an API key.
  3. From the Navigation menu, select APIs & Services > Credentials.
  4. On the Credentials page, click Create credentials > API key.
    The API key created dialog displays your newly created API key.
  5. On the dialog, click Restrict Key.
    (For more information, see Restricting an API key.)
  6. On the API key page, under Key restrictions, set the Application restrictions.
    • Select Android apps and follow the instructions.
    • Click + Add package name and fingerprint.
    • Enter your package name and SHA-1 certificate fingerprint. For example: 
      com.example.android.mapexample
      BB:0D:AC:74:D3:21:E1:43:67:71:9B:62:91:AF:A1:66:6E:44:5D:75
      (For more information, see Where to get your app’s SHA-1 fingerprint).
    • Click Save.

Detailed guide for Premium Plan customers

Follow these steps to get an API key and add restrictions:

  1. Go to the Google Cloud Platform Console.
  2. From the Project drop-down menu, select the project created for you when you purchased the Google Maps APIs Premium Plan. The project name starts with Google Maps APIs for Business or Google Maps for Work or Google Maps.
  3. From the Navigation menu, select APIs & Services > Credentials.
  4. On the Credentials page, click Create credentials > API key.
    The API key created dialog displays your newly created API key.
  5. On the dialog, click Restrict Key.
    (For more information, see Restricting an API key.)
  6. On the API key page, under Key restrictions, set the Application restrictions.
    • Select Android apps and follow the instructions.
    • Click + Add package name and fingerprint.
    • Enter your package name and SHA-1 certificate fingerprint. For example: 
      com.example.android.mapexample
      BB:0D:AC:74:D3:21:E1:43:67:71:9B:62:91:AF:A1:66:6E:44:5D:75
      (For more information, see Where to get your app’s SHA-1 fingerprint).
    • Click Save.

Restricting an API key

Google Maps APIs are available for Android or iOS apps, web browsers, and via HTTP web services. APIs on any platform can use an unrestricted API key. You can optionally add a restriction. For Android apps, you restrict the key to your app's package name and SHA-1 signing-certificate fingerprint. Restricted keys work only on platforms that support that type of restriction.

To add restrictions to an API key, do the following:

  1. Go to the Google Cloud Platform Console.
  2. From the Project drop-down menu, select the project that contains the API key you want to secure.
  3. From the Navigation menu, select APIs & Services > Credentials.
  4. On the Credentials page, click the name of the API key that you want to secure.
  5. On the API key page, under Key restrictions, set the Application restrictions.
    • Select Android apps and follow the instructions.
    • Click + Add package name and fingerprint.
    • Enter your package name and SHA-1 certificate fingerprint. For example: 
      com.example.android.mapexample
      BB:0D:AC:74:D3:21:E1:43:67:71:9B:62:91:AF:A1:66:6E:44:5D:75
      (For more information, see Where to get your app’s SHA-1 fingerprint).
    • Click Save.

Where to get your app's SHA-1 fingerprint

The Android API key restriction is based on a short form of your app's digital certificate, known as its SHA-1 fingerprint.

Getting the certification information from Android Studio

If you follow the getting started guide for the Maps SDK for Android, Android Studio creates a handy google_maps_api.xml file with your app's credentials.

Choose one of the following ways to get your API key from Android Studio:

  • The fast, easy way: Use the link provided in the google_maps_api.xml file that Android Studio created for you:
    1. Copy the link provided in the google_maps_api.xml file and paste it into your browser. The link takes you to the Google Cloud Platform Console and supplies the required information to the Google Cloud Platform Console via URL parameters, thus reducing the manual input required from you.
    2. Follow the instructions to create a new project on the Google Cloud Platform Console or select an existing project.
    3. Create an Android-restricted API key for your project.
    4. Copy the resulting API key, go back to Android Studio, and paste the API key into the <string> element in the google_maps_api.xml file.
  • A slightly less fast way: Use the credentials provided in the google_maps_api.xml file that Android Studio created for you:
    1. Copy the credentials provided in the google_maps_api.xml file.
    2. Go to the Google Cloud Platform Console in your browser.
    3. Use the copied credentials to add your app to an existing API key or to create a new API key.

Getting the certificate information yourself

If you didn't follow the getting started guide when creating your app, you need to get the SHA-1 fingerprint for your certificate yourself. First ensure that you are using the right certificate. You may have two certificates:

  • A debug certificate: The Android SDK tools generate this certificate automatically when you do a debug build. Only use this certificate with apps that you're testing. Do not attempt to publish an app that's signed with a debug certificate. The debug certificate is described in more detail in Signing in Debug Mode in the Android Developer Documentation.
  • A release certificate: The Android SDK tools generate this certificate when you do a release build. You can also generate this certificate using the keytool program. Use this certificate when you are ready to release your app to the world.

Follow the steps below to display a certificate's SHA-1 fingerprint using the keytool program with the -v parameter. For more information about Keytool, see the Oracle documentation.

Debug certificate

Displaying the debug certificate fingerprint

  1. Locate your debug keystore file. The file name is debug.keystore, and is created the first time you build your project. By default, it is stored in the same directory as your Android Virtual Device (AVD) files:

    • macOS and Linux: ~/.android/
    • Windows Vista and Windows 7: C:\Users\your_user_name\.android\

  2. List the SHA-1 fingerprint:

    • For Linux or macOS, open a terminal window and enter the following:

      keytool -list -v -keystore ~/.android/debug.keystore -alias androiddebugkey -storepass android -keypass android

    • For Windows Vista and Windows 7, run:

      keytool -list -v -keystore "%USERPROFILE%\.android\debug.keystore" -alias androiddebugkey -storepass android -keypass android

You should see output similar to this:

Alias name: androiddebugkey
Creation date: Jan 01, 2013
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=Android Debug, O=Android, C=US
Issuer: CN=Android Debug, O=Android, C=US
Serial number: 4aa9b300
Valid from: Mon Jan 01 08:04:04 UTC 2013 until: Mon Jan 01 18:04:04 PST 2033
Certificate fingerprints:
     MD5:  AE:9F:95:D0:A6:86:89:BC:A8:70:BA:34:FF:6A:AC:F9
     SHA1: BB:0D:AC:74:D3:21:E1:43:07:71:9B:62:90:AF:A1:66:6E:44:5D:75
     Signature algorithm name: SHA1withRSA
     Version: 3
Release certificate

Displaying the release certificate fingerprint

  1. Locate your release certificate keystore file. There is no default location or name for the release keystore. If you don't specify one when you build your app for release, the build will leave your .apk unsigned, and you'll have to sign it before you can publish it. For the release certificate, you also need the certificate's alias and the passwords for the keystore and the certificate. You can list the aliases for all the keys in a keystore by entering:

    keytool -list -keystore your_keystore_name

    Replace your_keystore_name with the fully-qualified path and name of the keystore, including the .keystore extension. You'll be prompted for the keystore's password. Then keytool displays all the aliases in the keystore.

  2. Enter the following at a terminal or command prompt:

    keytool -list -v -keystore your_keystore_name -alias your_alias_name

    Replace your_keystore_name with the fully-qualified path and name of the keystore, including the .keystore extension. Replace your_alias_name with the alias that you assigned to the certificate when you created it.

You should see output similar to this:

Alias name: <alias_name>
Creation date: Feb 02, 2013
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=Android Debug, O=Android, C=US
Issuer: CN=Android Debug, O=Android, C=US
Serial number: 4cc9b300
Valid from: Mon Feb 02 08:01:04 UTC 2013 until: Mon Feb 02 18:05:04 PST 2033
Certificate fingerprints:
    MD5:  AE:9F:95:D0:A6:86:89:BC:A8:70:BA:34:FF:6B:AC:F9
    SHA1: BB:0D:AC:74:D3:21:E1:43:67:71:9B:62:90:AF:A1:66:6E:44:5D:75
    Signature algorithm name: SHA1withRSA
    Version: 3

The line that begins with SHA1 contains the certificate's SHA-1 fingerprint. The fingerprint is the sequence of 20 two-digit hexadecimal numbers separated by colons.

Refer to the Android guide to signing your applications for further information about digital certificates.

Send feedback about...

This page
Documentation feedback
Maps SDK for Android
Product feedback
Need help? Visit our support page.