You should never store any API key that is sensitive inside of an app, whether in React Native or a typical native app. Keep them on your server instead. Here’s an article that explains the various approaches to get your API keys if stored in your Android application: Hiding Secrets in Android Apps – the same thing applies for iOS, just different tools.