{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 爷的心禁止访问 的问题《YouTube API key gives 500 error when restricted to》','https://www.manongdao.com/q-1289292.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am having a very difficult time querying the YouTube search API using a key that is secured for use on Android exclusively. It seems when I remove restrictions from this key, the request works fine. When I attempt to lock it down and send the cert and package headers as described in this solution, I receive a very unhelpful 500 error:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "internalError",
"message": "Internal Error"
}
],
"code": 500,
"message": "Internal Error"
}
}
Here is the request I'm attempting in cURL form, with private information redacted:
curl -X GET \
'https://www.googleapis.com/youtube/v3/search/?q=songs&maxResults=25&key=my_api_key&part=snippet' \
-H 'x-android-cert: xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx' \
-H 'x-android-package: com.xx.xx'
The documentation for this API indicates that support is only available here on StackOverflow. Are there any Google engineers that can help me understand why this is failing?
After some trial and error, this appears to be caused by the format of the fingerprint sent in the
x-android-certheader. Instead of accepting the same format required by the dev console (AB:CD:EF:01:23:...), it needs to be sent as a lowercased hex string (abcdef0123...). Hopefully this helps out the next soul unfortunate enough to run into this.