21 October 2008

New Android Maps API Terms of Service and Key Enforcement

When we released the 0.9_r1 beta SDK, we mentioned that the Maps API included with Android would soon require an API key to function correctly and load map tiles. Part of the reason for this was that the Terms of Service (ToS) for the Maps API had not been finalized.

Today, I'm pleased to be able to tell you that the new Android Maps API ToS are now finalized and they're actually pretty exciting. Most of the restrictions present in the old ToS are now gone—for instance, it's now permissible to use the Android Maps API to build "friend finder" style applications. There are still a few limitations, but not nearly as many as before.

Now that the ToS are finalized, it's time to take the next step. Until now, developers have been able to use any value for their Maps API key—that is, the Maps API keys weren't enforced. However, starting early tomorrow morning (Oct 22nd, PDT), we are turning on Maps key enforcement, so the grace period is ending very soon. This means it's also time for developers to acquire and begin using real API keys. Here's what you'll need to do:

  1. Visit http://code.google.com/android/maps-api-signup.html, fill out the required information, agree to the Terms of Service, and submit.
  2. Take the key you are given in response, and place it either:
    • In the XML layout where you declare your MapView, or
    • In your source code, where you instantiate your MapView object

The way the keys work is that when you use a MapView, it queries the system to find the public fingerprint ID of the certificate used to sign the currently-running application. The MapView then works with the server to verify that the certificate which signed the current application is the same certificate to which the current Maps API key belongs. If they match, then tiles are displayed; if they do not match, then no map tiles are displayed.

You will need one Maps API key for each certificate you use to sign your applications. That is, you'll need separate Maps API keys for both your debug-time signing certificate used in the emulator, and for your release-time certificate you'll use when publishing your apps. Fortunately this is free, and there is no limit to the number of keys you can acquire. Finally, note that this only applies if you're using a MapView in your Android application. If you don't use Maps at all, or if you use an Intentto launch Google Maps, you don't need to follow these steps.

Be sure to get your Maps API key now to avoid a disruption.