Security Best Practices
API keys are project-centric credentials that deserve the same precautions as user IDs and passwords. Be sure to review the API Key Best Practices to secure your keys from unintended use, that could lead to undue quota usage and unexpected charges to your account.
API keys are the preferred authentication method for accessing Google Maps Platform APIs. While the older Client IDs continue to be supported, API keys support finer-grained security controls and can be tuned to work with specific web addresses, IP addresses, and mobile APIs (Android and iOS). For information on how to create an API key, visit Get Started.
If your apps experience errors from excessive attempts to call an API within a short period of time, such as QPS errors, consider using exponential backoff to let the requests process.
Specifically, you would adjust the pace of your queries. In your code, add
a waiting period of
S seconds between queries. If the query still results
in a QPS error, double the waiting period, then send another query. Continue
adjusting the waiting period in this manner until the query returns without
Requests to APIs that include user interaction should be sent only on-demand. This means waiting for the end user to perform an action (such as on-click) to initiate the API request, then using the results to load a map, set a destination, or display appropriate information. Using an on-demand approach avoids unnecessary requests to the APIs, reducing API consumption.
Monitor and restrict consumption
To help you to plan your budget and control costs, you can do the following:
- Set a budget alert, to track how your spend is growing toward a particular amount. Setting a budget does not cap API usage, it only alerts you when your spend amount gets near the specified amount.
- Cap your daily API usage, to manage your cost of use of billable APIs. By setting caps on requests per day, you can limit your spend. Use a simple equation to determine your daily cap depending on how much you want to spend. For example: (Monthly spend / price per each )/30 = requests per day cap (for one API). Note that your implementation may use multiple billable APIs, so adjust your equation as needed. Remember, a $200 USD Google Maps Platform credit is available each month, so be sure to factor that into your calculation.
The use of a single map per page is a good way to optimize maps display. Users generally interact with one map at a time. Your app can manipulate the map to display different data sets, depending on customer interaction and needs.
Dynamic and Static Maps and Street View
Requests that use dynamic imagery (Dynamic Maps and Dynamic Street View) cost more than Static Maps and Static Street View. If you don’t foresee user interaction with Map or Street View (zooming or panning), consider using the static versions of these APIs.
Thumbnails, very small maps and photos, are another good use for Static Maps and Static Street View. These items are billed at a lower rate and upon user interaction (on-click), they can lead to a dynamic version for a full Google Maps experience.
Maps Embed API
You can use the Maps Embed API to add a map with a single marker, or a dynamic map, free of charge. Use the Maps Embed API for applications where a single marker is required, and no map customization is required. Maps Embed API requests utilizing Directions mode, View mode, or Search mode will now be billed (see the pricing table for details).
Directions API - Waypoint Count
When possible, limit user entries in a query to a maximum of 10 waypoints. Requests containing more than 10 waypoints are billed at a higher rate.
Directions API - Waypoint Optimization
Requests using the waypoint optimization argument are billed at a higher rate. For more information, visit Optimize Waypoints.
The optimization argument sorts waypoints to ensure optimal routing, meaning that travel from A to E is a better experience when optimized (A-B-C-D-E) versus the random sequence of a non-optimized route (such as A-D-B-C-E).
Directions API and Distance Matrix API - Traffic models
Directions API and Distance Matrix API
requests that include real-time traffic models are billed at a higher rate.
Real-time traffic models are enabled by setting the departure time to
If traffic models are omitted from a request, the results are based solely on physical factors: roads, distance, and speed limits.
Maps Roads API - Route Traveled & Nearest Road
The Roads API features, Route Traveled and Nearest Road, are included in the advanced tier and are billed at a higher rate. Use these features where GPS data is imprecise and the Roads API can help determine the correct road. Speed Limits, another feature of the Roads API, is available only to asset tracking customers.
Maps Roads API - Speed Limits
To minimize the volume of calls to the Speed Limit service, we recommend sampling the locations of your assets at 5 to 15 minute intervals (the exact value depends on the speed at which an asset is traveling). If an asset is stationary, a single location sample is sufficient (there is no need to make multiple calls).
To minimize overall latency, we recommend calling the Speed Limit service once you have accumulated some data, rather than calling the API every time the location of a mobile asset is received.
Identify the Autocomplete option that better suits your use case, as both have the same cost. The difference is how end users of your application can leverage the APIs.
- Autocomplete - Per Request: ideal for use cases where a single entry is enough, such as a mailing address form that a user fills out.
- Autocomplete - Per Session: Best used when multiple entries are required, such as searches for a hotel or restaurant.
Autocomplete - Per Session allows unlimited results, however it requires the implementation of tokens to ensure sessions are valid. If an invalid session occurs, Autocomplete - Per Request charges are applied per keystroke, that could lead to higher billings. For more information about this feature, see Place Autocomplete.
You can customize Place Detail requests to return data for specific fields used in your application. These fields are broken into categories: Basic, Contact, and Atmosphere. Requests that do not specify any fields will receive data for all fields. Billing for Place Detail requests is based on the types and amounts of data requested. Requests that do not specify any fields will be billed at the full rate. For more information about this feature, see Place Details.
Similarly to Place Details, Place Search requests can be customized to return data for specific fields. These fields are broken into categories: Basic, Contact, and Atmosphere. Requests that do not specify any fields will receive data for all fields. Billing for Place Detail requests is based on the types and amounts of data requested. Requests that do not specify any fields will be billed at the full rate. For more information about this feature, see Place Search.
If your application handles user-typed addresses, the addresses are sometimes ambiguous (incomplete, misspelled, or poorly formatted). You can disambiguate addresses using Autocomplete. Then, use the place IDs to get the place locations.
If you have an exact address (or close to it), however, you can reduce costs by using Geocoding instead of Autocomplete. For more details, see Geocoding Addresses Best Practices.
Mobile Maps SDKs