I am wondering how does the Google Android Android v2 API key check work? (I know how to request a key and use it in an Android project.)
I'm just wondering how it verifies the application signature and uses it to verify requests on the server side.
Is it possible to use a similar method to authorize users of my user API and be sure that no one is using it, only through my signed application?
(This is a similar question, but itβs about the browser version: How does Google Maps protect its API key? How to do something like this?, It has nothing to do with subscribing to the Android application)
source share