Client ID URL Authorization

Important: The Google Maps Platform Premium Plan is no longer available for sign up or new customers.

Maps JavaScript API client ID authentication

You can authenticate your requests with the Google Maps Platform using a client ID in combination with URL registration (instead of an API key).

Specifying a client ID when loading the API

The code below shows you how to replace YOUR_CLIENT_ID with your own client ID when loading the Google Maps Platform.

<script async defer src="https://maps.googleapis.com/maps/api/js?client=YOUR_CLIENT_ID&v=quarterly&callback=initMap"></script>

Managing authorized URLs

To prevent a third party from using your client ID on their own website, the use of your client ID is restricted to a list of URLs that you have specifically authorized.

Locating your client ID in the Cloud Console

URL authorization in the Cloud Console

  • Your authorized URLs are all listed in the Authorized URLs for Client ID gme-[company] table on the Client ID page.

  • To remove a URL, check the box to the left of the URL and click the delete icon at the top right of the table.

  • To add new URLs, click Add URLs at the bottom of the table.

Inportant: The rules of authorized client IDs URLs differs from API key referrer restrictions. See below for further details.

The following considerations apply regarding URLs that are authorized:

The domain name or IP address does not have to be publicly accessible.
For example, http://myintranet and http://192.168.1.1 are valid entries.
All subdomains of a specified domain are also authorized.

For example, if the naked domain http://example.com is authorized, then subdomain http://www.example.com is also authorized. The reverse is not true: if http://www.example.com is authorized, http://example.com is not automatically authorized.

All subpaths of an authorized path are also authorized.

For example, if http://example.com is authorized, then http://example.com/foo is also authorized. In addition, because subdomains of a specified domain are also authorized, http://sub.example.com/bar is authorized.

Paths are case sensitive.

For example, http://www.example.com/ThisPath/ is not the same as http://www.example.com/thispath/.

You may restrict valid URLs to those using certain ports.

For example, if http://example.com:8080/foo is specified, that doesn't authorize http://example.com.

HTTP and HTTPS protocols are considered different URLs.

For example, if https://example.com is authorized, http://example.com is not automatically authorized.

If you provide a suffix reference without protocol scheme, for example www.example.com, separate rules will be created both for HTTP and HTTPS.

For more exotic protocol schemes than HTTP or HTTPs, see the provided instructions in the Cloud Console.