Using API Keys

This guide shows how to create, restrict, and use your API Key for Google Maps Platform.

Before you begin

Before you start using the Distance Matrix API, you need a project with a billing account and the Distance Matrix API enabled. To learn more, see Set up in Cloud Console.

Creating API keys

The API key is a unique identifier that authenticates requests associated with your project for usage and billing purposes. You must have at least one API key associated with your project.

To create an API key:

  1. Go to the APIs & Services > Credentials page.

    Go to the Credentials page

  2. On the Credentials page, click Create credentials > API key.
    The API key created dialog displays your newly created API key.
  3. Click Close.
    The new API key is listed on the Credentials page under API keys.
    (Remember to restrict the API key before using it in production.)

Restricting API keys

Restricting API Keys adds security to your application by ensuring only authorized requests are made with your API Key. We strongly recommend that you follow the instructions to set restrictions for your API Keys. For more information, see API Key best practices.

To restrict an API key:

  1. Go to the APIs & Services > Credentials page.

    Go to the Credentials page

  2. Select the API key that you want to set a restriction on. The API key property page appears.
  3. Under Key restrictions, set the following restrictions:
    • Application restrictions:
      1. To accept requests from the list of web server IP addresses that you supply, select IP addresses (web servers, cron jobs, etc.) from the list of Application restrictions.
      2. Specify one IPv4 or IPv6 address or a subnet using CIDR notation (e.g. If you need to enter another entry, a new box appears after you complete adding the previous entry.
    • API restrictions:
      1. Click Restrict key.
      2. Select Distance Matrix API from Select APIs dropdown. If the Distance Matrix API is not listed, you need to enable it.
  4. To finalize your changes, click Save.

Adding the API key to your request

You must include an API key with every Distance Matrix API request. In the following example, replace YOUR_API_KEY with your API key.

HTTPS is required for requests that use an API key, and recommended for requests that use a client ID. HTTPS is also required for applications that include sensitive user data - such as a user's location - in requests.

Troubleshooting authentication issues

If your request is malformed or supplies an invalid signature, the Distance Matrix API returns an HTTP 403 (Forbidden) error.

To troubleshoot individual URLs, you can use the URL Signing Debugger. It allows you to quickly validate a URL and signature generated by your application.