I have a question about the interplay of the Google Cloud API keys and the keys, that are used by Firebase:
I want to add Google API key restrictions for two apps (Android & iOS). So I created two new keys (Android iOS) in the Google Cloud Console, that should replace the old overpowered and unrestricted prod key, which was used for both platforms. I was able to add the desired restrictions for both new keys, but how can I change the keys in Firebase console (= in the google-services.json file for Android)? When I try to download the google-services.json file, the key is still the old one. And I don't see any option to update this key in the Firebase Console. Firebase is also still using the old key when I add a new app with package-name and fingerprint to the Firebase project.
See the docs: https://cloud.google.com/api-keys/docs/add-restrictions-api-keys
CodePudding user response:
I found out how Firebase updates its keys:
When you first obtain your app's Firebase config file/object, Firebase checks if there are any existing API keys in your project that have "Application Restrictions" that match the app (for example, a matching bundle ID for the Apple app).
If Firebase doesn't find any restricted keys that match, then it will list in the config file/object the iOS key for Apple apps, the Android key for Android apps, and the Browser key for web apps (assuming that these keys exist and have no "Application Restrictions" that keep them from matching to that app).
So I had to configure the Android package-id and the fingerprint of the App in the Google Console right, so it gets synchronized when I create a new Firebase project.
See: https://firebase.google.com/docs/projects/api-keys#faq-auto-matching-app-to-key