Why is expo removing googleSignIn apiKey from the app.json file?
While developing, i can log the key without any problems. Once it is built, i cannot access e.g. the android googleSignIn key.
import Constants from 'expo-constants';
export const getGoogleSignInAndroidClientId = () => {
return Constants.manifest.android.config.googleSignIn.apiKey;
};
I already read the documentation an found the following:
Sensitive information such as secret keys are removed.
Okay, i got it. But i need to use the api-keys anyways in the application, didn’t i?
At least when logging in with google:
const {type, accessToken, user} = await Google.logInAsync({
androidStandaloneAppClientId: 'ANDROID_API_KEY',
scopes: ['profile', 'email']
});
Since i need the api key in the application, the user (theoretically) can figure out my api key.
Am I wrong? Shouldn’t i use the API-Key?
Please explain to me how I have to proceed to read the API key with the help of the constants.
Do i need to duplicate the API-key in the extra-settings (since i want to use alle the keys in one single file and not create an new .env file or something like that).