- SDK Version: 35
- Platforms(Android/iOS):
The documentation on configuring app.json
(https://docs.expo.io/versions/latest/workflow/configuration/) describes adding information to expo.extra
that can then be accessed via Constants.manifest
. It also states that sensitive information such as secret keys are removed, which makes me think it’s a secure way of storing API keys. But I can’t find much more detail about this. How safe is it to add API keys here?
Apologies if this is already answered somewhere. I see various posts stating that secret API keys should not be stored in the app, but I’m struggling to understand where API keys added to app.json are ultimately stored.