Google Commerce Search Training API Keys
Google Commerce Search Training
API Keys
Google Commerce Search
Overview
This tutorial covers
● What Are API keys● Setting up API keys
○ API projects○ Server side○ Browser
● Security● Quotas● API Error Messages
API Keys and GCS
○ Keys are access tokens that allow GCS queries■ Not strictly authentication or authorization tokens■ Google API services require API keys for access■ GCS is an aspect of a Google API (Search API for Shopping)
○ Simply a way to regulate/control Google API access○ *All* GCS/Shopping API queries must contain an API key○ Keys are unique to the customer and should not be shared○ https://developers.google.com/console/help/#generatingdevkeys
https://www.googleapis.com/shopping/search/v1/cx:014034025922634248784:wxuo9fqco9m/products?country=us&alt=atom&key=AIzaSyDAH9n6vu4JGg7iDcW7UtrO4Y9q0v2Pfbo&q=digital+camera
Google Commerce Search
API Keys
GCS cx
API Key
Creating API Keys
○ Keys setup during GCS instance creation○ Each GCS instance should have at least
■ 1 Search API key (server-side)■ 1 SAYT Key (browser key)
○ Keys white-listed for higher quotas during account provisioning
Setting up API keys
○ Login using the @gmail account you want to own the GCS instance (NOTE: GCS instances are not transferable so this login should be generic login)
○ Goto https://code.google.com/apis/console/?api=shopping○ Click on "Services" and enable "Shopping API"○ For Search API key, click "API Access > New Server Key"○ For SAYT key, use "Browser Key"○ Add IP or Referrer Restricts as necessary○ Add userIP= user queries per second for Server keys○ Provide API keys to Google for Provisioning
Google Commerce Search
API Keys
Creating API Keys
○ Click on "Services" and enable "Shopping API"
Google Commerce Search
API Keys
Creating API Keys
○ For Search API key, click "API Access > New Server Key"○ Note: browser key enabled by default. ○ example below, the browser key was deleted from the API project
Google Commerce Search
API Keys
API Project
Creating API Keys○ For SAYT key, use "Browser Key"○ Add Referrer Restricts
Google Commerce Search
API Keys
Referrer Restricts
Google Confidential and Proprietary
2. API Key Security
Search API Key IP Restrictions○ Enter IP address where GCS requests will originate from○ Public (NAT) IP address of your application server○ Used to protect your API key from unauthorized access
https://developers.google.com/console/help/#monitoringandfiltering
Google Commerce Search
Server-side API Keys
Your Application Server Google
Public IP as seen from GCS address: 8.8.8.8
Search API Key &userIP= parameter○ Transmit the browsers origin IP address to GCS with every
request○ Used to prevent Denial of Service Attacks (DOS) by limiting the
number of GCS requests originating from one IP○ Public (NAT) IP address of your application server○ Used to protect your API key from unauthorized access○ Applies only to Search API keys, not SAYT browser keys○ Set on API Console > Quotas > Set per-user limit○ Example below, maximum 3 API requests from a given IP
address thats transmitted as &userIp=
Google Commerce Search
Prevent DOS and Regulating Key usage
Your Application Server Google
/products?alt=atom&country=us&q=android...&userIp=1.2.3.4Browser IP= 1.2.3.4
Browser API Key for Search As You Type (SAYT)○ Browser API key used for SAYT○ Protected using referrer on the API console.○ API Key rejects requests without referrers that match restricts○ Example below, GCS will only work on
■ www.googlestore.com/*■ www.google.com/* << for GCS Admin console "Preview"
Google Commerce Search
Restricting Browser keys
Google Confidential and Proprietary
3. API Quotas
○ Default API quotas 2500 queries per rolling 24 hours○ API quotas enforced at the *PROJECT* level
■ If SAYT and Search keys uses same project, quota shared■ Could cause outage if SAYT key quota is exhausted
○ API keys whitelisted during provisioning
Google Commerce Search
API Quotas
Google Confidential and Proprietary
4. API Errors
○ Common API key errors○ Use API key in query in json mode
https://www.googleapis.com/shopping/search/v1/cx:014034025922634248784:wxuo9fqco9m/products?country=us&alt=json&key=AIzaSyDAH9n6vu4JGg7iDcW7UtrO4Y9q0v2Pfbo&q=digital+camera
● keyExpired: key was deleted and no loger exists{ "error": { "errors": [ { "domain": "usageLimits", "reason": "keyExpired", "message": "Bad Request" } ], "code": 400, "message": "Bad Request" }}
Google Commerce Search
API Errors
● dailyLimitExceeded: The daily quota limit was exceeded. Contact Enterprise support to increase the quota.
{ "error": { "errors": [ { "domain": "usageLimits", "reason": "dailyLimitExceeded", "message": "Daily Limit Exceeded" } ], "code": 403, "message": "Daily Limit Exceeded" }}
● userRateLimitExceeded: The per user QPS is set too low. Check to see if you are transmitting the &userIp= of the end user.
{ "error": { "errors": [ { "domain": "usageLimits", "reason": "userRateLimitExceeded", "message": "User Rate Limit Exceeded", "debugInfo": "QuotaState: USER_QPS_THROTTLED" } ], "code": 403, "message": "User Rate Limit Exceeded" }}
Google Commerce Search
API Errors
● accessNotConfigured: The API key maybe restricted to only certain origin IP addresses (if server) or referrers (if browser)
{ "error": { "errors": [ { "domain": "usageLimits", "reason": "accessNotConfigured", "message": "Access Not Configured", "debugInfo": "QuotaState: BLOCKED" } ], "code": 403, "message": "Access Not Configured" }}
Google Commerce Search
API Errors
https://developers.google.com/commerce-search
Google Commerce Search
Thank You