As I see, there are API Rate Limits. I suppose that the limit its a IP based control.
My question it’s about how I need to use the API key in an Android app. In this APP will be thousands of users, calling from differents IPs. So the rate limit not will be working, because are different IPs. In other hand, if someone gets the API key from code (or sniffing requests) can force a limit (making thousands of requests per second) and this will be block the API key, and my APP of course.
What I’m forgetting?