Once you've generated your Google Maps API key, we recommend adding security measures to ensure others cannot use your key on websites other than your own. Doing so is very simple, and will only take a couple of minutes. You can follow the steps below to get your security settings organised.


1. Login to https://console.developers.google.com using the Google account with which you created your key

2. Navigate through to APIs & Services > Credentials

3. Click your API key

4. Under 'Application restrictions' check HTTP referrers

5. Under 'Accept requests from these HTTP referrers' enter your website's URL (including https://)  with /* added to the end (screenshot)

6. Save


If you've setup HTTP referrers but would also like to use the same key to display Google Maps within Operator Booking Engines, and Reseller Booking Engines, you'll also need to add book.bookit.co.nz/* and https://www.bookit.co.nz* in the list of referrers. 

Sometimes, even after setting the above, there may still be an error on your website maps. This can sometimes be due to the correct APIs not being enabled. Please check by doing the following:

1. https://console.cloud.google.com/google/maps-apis/overview

2. Click the hamburger in the top left

3. Go to APIs & Services

4. Library

5. Under the maps heading, click View All

6. You'll need to find the relevant api which is disabled, click on it, then click Enable

7. For websites developed by BookIt you'll need to enable both Maps Embed API, then go back and repeat the same procedure and enable Maps Javascript API