'React Native Expo: How to protect secret keys like Google Maps key?

We can't store the secret keys in the app code as they can be easily extracted by hackers.

One way is to get them from a backend service but my app works without authentication (guest user), so anyone with the backend url can get the keys which is not safe.

Another way is to use Attestation libraries but they need the app to be ejected to bare workflow. I want the solution in Expo managed workflow.

Any suggestions are welcome.

react-nativeexposecret-key


Solution 1:[1]

Google Cloud (Google map in your case) provide various restriction options for both mobile apps and website with package name or website.

You can restrict apps that can use an API key.

https://developers.google.com/maps/api-security-best-practices#application-restriction

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 BYIRINGIRO Emmanuel

Related Questions

global.__reanimatedWorkletInit is not a function. react-native-animated v2

global.__reanimatedWorkletInit is not a function. react-native-animated v2

React-Native-Maps not showing on Android Emulator or real device

Running flipper with expo sdk43

IOS Swipe Back gesture does not perfom navigation.goBack()

Use a slider to scroll a horizontal scrollView in ReactNative

Output multiple diverse elements with react-native-snap-carousel?

Facing issue " Failed to install the app. Make sure you have the Android development environment " in react native

How to copy text to clipboard in react-native?

Touchablehighlight not clickable if position absolute

How to check for esim eligibility in react-native app?

How to check for esim eligibility in react-native app?

Can I pass headers to an image source?

Getting "ld: symbol(s) not found for architecture x86_64 clang" on one of nearly identicals machines

Auth.currentAuthenticatedUser not loading name and family name attributes (and others) from Cognito