How to make api keys secure in Android
There are number of times when we use secure api keys in our Android app like google_map_api_keys using string files. problem occurs when we upload our code on versioning tool like git or svn. Any person who have downloaded the code from versioning tool can use that api key. There is one solution which we can use to secure our api key using properties file. Very simple and easy steps can prevent hacking or misshaping with our code. For this first we need to create one property file with name secure (secure.property) on the same level where your gradle.property file saved.
Then we need to add some line of codes in app level build.gradle file
defaultConfig {----- some code----
def secureProps = new Properties()
if (file("../secure.properties").exists()) {
file("../secure.properties")?.withInputStream { secureProps.load(it) }
}
resValue "string", "maps_api_key", (secureProps.getProperty("MAPS_API_KEY") ?: "")
---some code---
}
finally code we need to write in secure.property file
MAPS_API_KEY=Your Api Key