Google Developers Console

Managing projects and applications

A project consists of

1. a set of applications,
2. along with activated APIs,
3. Google Cloud resources, and
4. the team and billing information associated with those resources.

Credentials such as API keys are specific to an application rather than to a project.

However, all applications within a given project use the same branding information (logo, email address, etc.) on their user consent screen, as described in Setting up OAuth 2.0.

Applications within a project also share

1. activated APIs,
2. permissions, and
3. billing information.

Managing project members

If you create a project, you have owner-level permissions and can grant owner-level permissions to other project members. Those with owner-level permissions are project owners.

Only project owners can add and remove other project members and edit their permission levels. Project owners can share a project with an email address that represents a group, but every project must have at least one project member that is an individual, not a group.

To manage project members, do the following:

1. Visit the Google Developers Console
2. Select a project, or create a new one.
3. In the sidebar on the left, select Permissions.
4. To add a team member or group, select Add Member.
   • You must provide an email address that is associated with a Google account.
   • If the email address belongs to an individual, an invitation flow is triggered, and the new project member must accept the invitation before they can access the project.
   • If the email address belongs to a group, the group is added right away, with no invitation step.
5. To change the permission setting for a project member, click the dropdown box in the Permission column and select a new permission level. The new permission level is saved automatically.
6. To delete a project member, click the trash icon to the right of the project member's permission setting.

Keys, access, security, and identity

Each request to an API that is represented in the Google Developers Console must include a unique identifier.

Unique identifiers enable the Developers Console to tie requests to specific projects in order to

• monitor traffic,
• enforce quotas, and
• handle billing.

Google supports two mechanisms for creating unique identifiers:

1. OAuth 2.0 client IDs

   For applications that use the OAuth 2.0 protocol to call Google APIs, you can use an OAuth 2.0 client ID to generate an access token. The token contains a unique identifier.

2. API keys

   An API key (either a server key or a browser key) is a unique identifier that you generate using the Developers Console. Using an API key does not require user action or consent. API keys do not grant access to any account information, and are not used for authorization.

Use an API key when your application is running on a server and accessing one of the following kinds of data:

• Data that the data owner has identified as public, such as a public calendar or blog.
• Data that is owned by a Google service such as Google Maps or Google Translate. (Access limitations may apply.)
• If you are only calling APIs that do not require user data, such as the Google Custom Search API, then API keys might be simpler to use than OAuth 2.0 access tokens. However, if your application already uses an OAuth 2.0 access token, then there is no need to generate an API key as well. Google ignores passed API keys if a passed OAuth 2.0 access token is already associated with the corresponding project.