Google Maps API Key Restriction Verification Guide

✅ What You Should Have Set Up

Based on best practices, here’s what your restrictions should look like:

1. Application Restrictions

2. API Restrictions


🧪 How to Test Your Restrictions

Test 1: Check if your map still works

  1. Visit your contact page: https://www.denverpsychologyandwellness.com/contact
  2. The map should load and display correctly
  3. If you see a grey box or “For development purposes only” watermark → restrictions are TOO strict

Expected Result: ✅ Map loads normally


Test 2: Check browser console for errors

  1. Visit your contact page
  2. Right-click anywhere on the page → “Inspect” or press F12
  3. Click the “Console” tab
  4. Look for any red errors mentioning “API key” or “Google Maps”

Expected Result: ✅ No API key errors

Common error messages if restrictions are wrong:


Test 3: Verify in Google Cloud Console

  1. Go to: https://console.cloud.google.com/google/maps-apis/credentials
  2. Click on your API key name
  3. Verify these settings:

Application restrictions:

API restrictions:


⏱️ IMPORTANT: Wait Time

Restrictions can take up to 5 minutes to take effect!

If your map isn’t working immediately after adding restrictions:

  1. Wait 5 minutes
  2. Clear your browser cache (Ctrl+Shift+Delete)
  3. Try again

🔒 Security Check: Test if Key is Actually Restricted

To verify your key is truly secure, you can try this test:

  1. Create a simple HTML file on your desktop with this code: ```html <!DOCTYPE html>
Test

```

  1. Open this file in your browser (it will have a file:// URL)
  2. Expected Result: ❌ Map should NOT work (you should see errors in console)
  3. Why: This proves your key is restricted and can’t be used from unauthorized domains

✅ Success Indicators

Your restrictions are working correctly if:

  1. ✅ Map loads on www.denverpsychologyandwellness.com/contact
  2. ✅ No console errors about API keys
  3. ❌ Map does NOT work when tested from a local HTML file or different domain
  4. ✅ Google Cloud Console shows your restrictions properly set

🚨 Troubleshooting

Problem: Map shows “For development purposes only”

Solution:

Problem: Map is grey/not loading

Solutions to try:

  1. Wait 5 minutes (restrictions take time)
  2. Check referrer format includes /*
  3. Verify you’re using HTTPS (not HTTP)
  4. Make sure “Maps JavaScript API” is enabled AND selected in restrictions

Problem: “RefererNotAllowedMapError”

Solution: Your referrer format is wrong. Should be:


📊 What Did We Accomplish?

Before: Anyone with your API key could use it anywhere, potentially costing you money

After: Your API key can ONLY be used on denverpsychologyandwellness.com and ONLY for Maps JavaScript API

This prevents:


📝 Next Steps

  1. ✅ Test your contact page map
  2. ✅ Check browser console for errors
  3. ✅ Verify restrictions in Google Cloud Console
  4. ✅ (Optional) Test that key doesn’t work elsewhere

Once you confirm everything is working, you’re all set! 🎉