I am a Developer Advocate for Security in Mobile Apps and APIs at approov.io.
Another passion is the Elixir programming language that was designed to be concurrent, distributed and fault tolerant.
Location
Scotland
Education
Self teached Developer
Work
Developer Advocate for Mobile and API Security at approov.io
It is always a fear that one day you might end up leaking your API key in a public git repository.
Thanks for writing down how developers can avoid this common pitfall :)
Now I would like to recommend you to read my answer in StackOverflow to the question How to protect Flutter app from reverse engineering to understand the other threats involved with using an API key in a mobile app.
My answer is split in sections:
How easy can it be to extract an API key from a Mobile APP?
Defending against Reverse Engineering
The Difference Between WHO and WHAT is Accessing the API Server
Lockdown the API server to the Mobile App
Found one more answer I gave in StackOverflow to a question with the title Securely Saving API Keys In Android (flutter) Apps, that is also split in sections:
How Hard Can It Be To Extract An Api Key?
Extract The Api Key With Static Binary Analysis
Extract The Api Key With A Mitm Attack
Extract With Instrumentation Framework
Storing Api Keys Encrypted In The Mobile App?
Firebase And Safetynet For The Rescue?
Proxy Or Backend Server
Possible Better Solution
Feel free to ask here questions about any doubt you may have after reading it.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Thanks for writing down how developers can avoid this common pitfall :)
Now I would like to recommend you to read my answer in StackOverflow to the question
How to protect Flutter app from reverse engineeringto understand the other threats involved with using an API key in a mobile app.My answer is split in sections:
Found one more answer I gave in StackOverflow to a question with the title
Securely Saving API Keys In Android (flutter) Apps, that is also split in sections:Feel free to ask here questions about any doubt you may have after reading it.