hi folks!! I need to store my apikeys securely in ...
# multiplatform
v
hi folks!! I need to store my apikeys securely in my KMM project which can be used both by android and ios code how to do that in shared module in kmm?
p
You don't. Consider all apps you ship as compromised and if you have API keys that you do not want exposed, keep them in your backend service
☝️ 2
☝🏻 1
s
Adding on here, no api key is safe on a rooted device. Apps that ship an api key in the apk don’t even need to be on rooted devices to extract the apk. It’s two adb commands to grab it off of a device. Security is all about making it cost more time and effort than the value of what is being stolen. If you want to use api keys because your backend service is not worth anything to a hacker and you want to keep out casual level hackers, just include them on each platform as you would any native resource.
Deprecated since 1851 🤷