Client ID Migration Guide

Overview

In order to increase authentication security and reliability, Maps Platform client IDs are deprecated since May 26, 2025, and can no longer be used after May 31, 2026.

Instead of using a client ID, you must use API Key credentials to authenticate your Google Maps API service traffic. This guide shows you how to migrate from using client IDs, to using API keys.

Follow these steps to get started:

1. Check the current client ID usage
2. Prepare API Keys
3. Review quota settings
4. Update your code
5. Monitor your client ID traffic
6. Pause your client ID

Check current client ID usage

Before beginning the migration process, list the following:

• Maps Platform Services with which you are using with your client ID.
• Applications, sites, or systems with which you are using your client ID.

Google sent a notification email to affected customers about client ID deprecation in May 2025. You can find this information in the notification email as well.

On the Cloud Console, you can check the latest status of your Client ID usage on the Google Maps Metrics Page

For a list of Maps Platform Services:

1. Open the Metrics page on the Cloud Console.
2. Filter your usage with the following settings:
   • Credentials: Select "project_number:<numerical identifier>" only.
3. Set the following filter.
   • Grouped by: API

For hints of applications, sites, or systems:

The Cloud Console doesn't show details of your applications, sites, or systems. But you can find some hints of sources of your Client ID traffic. Follow these steps:

1. Open the Metrics page on the Cloud Console.
2. Select a Maps Platform service from the drop-down.
3. Filter your usage with the following settings:
   • Credentials: Select "project_number:<numerical identifier>" only.
4. Set the following filter.
   • Group by: Platform, or Domain
5. Repeat from step 2 for each Maps Platform service for which you need to check the traffic.

Prepare API keys

All client IDs are associated with a Google Cloud project, and using an API key from that project will give you access to the same features that you previously accessed with your client ID. We recommend migrating to the associated project, to avoid issues with quotas or missing features.

1. Find the Cloud Project that your client ID is linked to:
   • Portal Migration FAQ
2. Make sure your Cloud Project is linked to an open Billing Account.
3. Create a new API key for client ID migration.
   • You can reuse any existing API keys on the Cloud Project.
   • You can use multiple API keys from the same Cloud Project, for example, in order to separate traffic for each Maps Platform service, or to separate traffic from different platforms (browser, mobile app, and so on). Refer to the security guide for best practices on API key management.

Secure your API key

Be sure to secure your API key to protect your key from unauthorized access.

• Set an application restriction for your API key (e.g. Websites, IP addresses, Android apps, or iOS apps).
• Set API restrictions for your API key.

For more details see Google Maps Platform security guidance.

For Maps JavaScript API, Maps Static API, and Street View Static API, you can migrate the trusted referrers on your client ID to the API key restrictions. You can find the list of trusted referrers on the Cloud Console.

Review quota settings

Make sure you have expected quota settings on your Cloud Project. You only need to do this if you are calling the Maps JavaScript API client-side services from a client ID. You can check and adjust your quota settings on the Google Maps Quotas Page.

Learn more about quota reports

Quota increase for Maps JavaScript API client-side services

If you are using the following services on Maps JavaScript API, you will see the quota usage increase after the API key migration.

Review your current quota configuration, current usage, and adjust your quota limits accordingly.

1. Check if you are using Maps JavaScript API client-side services with a client ID.
   • Open the Metrics page on the Cloud Console.
   • Filter your usage with the following settings:
     • Grouped by: API Method
     • Credentials: Select "project_number:<numerical identifier>" only.
   • Then, you'll see a list of Method names with its traffic in the "Traffic by API Method" chart.

• If you don't use those API methods, you don't need to worry about quota settings, as your client ID traffic already consumes your project quota.
• Estimate your client ID quota usage
  • For each of the services, check both the Per Second, and the Per Day granularity.
  • Per Second graph: multiply the peak traffic by 60 for the additional Quota Per Minute needs.
  • Per Day graph: The peak traffic should be the additional Quota per Day needs.
• Adjust your quota on the corresponding Maps Platform services
  • Based on the method name which you find in Step 1, adjust quota on the corresponding services.

Update your code

Update the authentication credentials from URL&client={value} to URL&key={value} in your outgoing GMP API calls. If your apps are using HTTP to access GMP services, update them to use HTTPS.

Remove signature parameter for web services

For Web Service APIs (*), the signature parameter is not needed when you access them with an API key. Only remove the signature parameter from your API requests.

• Directions API (Legacy)
• Distance Matrix API (Legacy)
• Geocoding API
• Elevation API
• Time Zone API

See the Premium Plan Overview for more information.

Signing Secret for Imagery APIs

Maps Static API, and Street View Static API still require the signature parameter. They accept a small number of requests without signature for testing purposes, but they start failing once it hits the threshold in your production. Replace your signing secret from the one for the client ID to the one for the API key. You can use the same signing algorithm, but you need to use another signing secret. To learn more, see Use a Digital Signature.

Monitor your client ID traffic

After the deployment, confirm that your traffic has migrated successfully using the Cloud Console dashboards. You will start seeing a decrease in your client ID traffic, which is shown in "project_number:123456" format on the dashboard when grouping by credential.

Pause your client ID

We strongly recommend that developers pause client IDs after the migration. It is to protect your credentials from any unintended traffic, and to confirm that any remaining usage on your client ID is not critical (e.g. testing, caches, bots, …) and can return errors without causing business impact. You can pause your client ID on the Cloud Console. See Premium Plan Authentication Overview for more details.

Troubleshooting

How can we see if our request is failing or not?

You can check your error stats on the Response code graphs

ApiNotActivatedMapError, or REQUEST_DENIED error

You will see the ApiNotActivatedMapError, or REQUEST_DENIED error, if you didn't enable the service on your Cloud Project. Follow the instructions to enable the service.

RefererNotAllowedMapError error

You will see the RefererNotAllowedMapError error, if your source domain is not added to your API key. Check the "Secure your API key" section, and add your domain to the API key.

OverQuotaMapError, or OVER_QUERY_LIMIT error

You will see the OverQuotaMapError, or OVER_QUERY_LIMIT, if your configured quota is not sufficient to cover your traffic. Check the "Review quota settings" section, and adjust your quota accordingly.

"Requests to this API must be over SSL" error

If you receive the following error message, update your API requests from "http://" to "https://".

{
  "error_message" : "Requests to this API must be over SSL. Load the API with
  \"https://\" instead of \"http://\".",

  "results" : [],

  "status" : "REQUEST_DENIED"
}