Really good point Trevor — I half thought about releasing a simple version as a toy and just requiring users to get and copy paste in their own google API keys in a form in the app. But if I were to release it as a real product, yeah I’d definitely have it going through my own server, which I’d need anyway for user registration, handling payments, etc. As I understand it, any secrets at all stored anywhere in your app can be discovered.

I totally see your point about that not being trivial though, your comment makes me think it would be nice if there was a simple service/ layer on top of api keys similar to url shorteners, but that could either somehow scope access to or from certain requests or specific apps, or require uses to auth first via google/fb etc and then verifying that before adding keys and forwarding actual request to google api.

Written by

Software Engineer, Founder of

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store