It is safer for you and for the people whose API you are accessing to put a Proxy in the middle. I do this with a PHP proxy on another host. (search the archive for the code)
Whitelisting Multi-tenant IP's effectively negates the API IP Restriction, and allows someone to hit the API via a GAE Proxy. (which is why lots of API's don't work from GAE) -----Original Message----- From: google-appengine@googlegroups.com [mailto:google-appengine@googlegroups.com] On Behalf Of Alexander Konovalenko Sent: Sunday, June 19, 2011 11:48 AM To: Google App Engine group Subject: [google-appengine] Whitelisting App Engine IPs in Google APIs console When you are using a Google API (such as the Prediction API) from a server-side app, the Google APIs Console lets you limit API requests to those originating from known IP addresses or ranges [1, 2]. If you set a whitelist and an API request comes from a non-whitelisted address, the request will be rejected. This can be really useful if you use some Google APIs from browser-embedded JavaScript and other Google APIs only from server side. All APIs share the same API key which can be retrieved by examining or debugging your JavaScript. A malicious third party could learn your API key by viewing the source of your site and then use the key to issue calls to other Google APIs in your name, even if you only use those other APIs from your server-side app. Currently we cannot whitelist App Engine because the IP addresses used by the app servers, backends and the URL fetch service are not known in advance. I filed a request to add a button on the Google APIs console to whitelist App Engine. If you're interested, feel free to star it or add your comments: http://code.google.com/p/googleappengine/issues/detail?id=5219 [1] Google APIs Console, Quotas pane https://code.google.com/apis/console#:quotas [2] Google APIs Console Help, section "Whitelisting by IP Address (Server-side applications)" https://code.google.com/apis/console-help/#whitelistingbyip -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
