How to create restricted Api Key to use directions api?

i'm creating an app that's draw routes between users using only firestore to update users location.

the problem is to use direction api i need Restricted key using (server IP addresses) what should i do ? i don't have server i'm using only firestore

Since your application is using a web service (Directions API), I believe you'll have to do the following to secure your API key:

• Apply an API restriction on the API key. This action narrows the scope of the API key to the APIs you associate with the key.
• Obfuscate or encrypt the API key. This action complicates key scraping attempts directly from the application.
• Use CA pinning or certificate pinning to verify the server resources are valid. CA pinning checks that a server's certificate was issued by a trusted certificate authority, and prevents Man-In-The-Middle attacks that could lead to a third party discovering your API key. Certificate pinning goes further by extracting and checking the public key included in the server certificate. Pinning is useful for mobile clients communicating directly with Google servers, as well as mobile clients communicating with the developer's own proxy server.
• Use a proxy server. The proxy server provides a solid source for interacting with the appropriate Google Maps Platform API.

More can be found in our public documentation On mobile apps that use Maps Web Service APIs of this Protecting API Keys