How do I prevent my Firebase API Key from being exposed through my google-services.json file?











up vote
0
down vote

favorite












My Android application's google-services.json file is committed with the rest of my project to a public repo. This is a bad idea for the reasons detailed here. 



{

  "project_info": { ... },

  "client": [

    {

      ...,

      "api_key": [

        {

          "current_key": "MY_API_KEY"

        }

      ],

      ...

    }

  ], 

  "configuration_version": "1"

}


How can I have the API key get retrieved from a global context during build rather than stored out in the open? An expansion on this approach would be best!






android firebase repository api-key







share|improve this question


























    up vote
    0
    down vote

    favorite












    My Android application's google-services.json file is committed with the rest of my project to a public repo. This is a bad idea for the reasons detailed here. 



    {
    
  "project_info": { ... },
    
  "client": [
    
    {
    
      ...,
    
      "api_key": [
    
        {
    
          "current_key": "MY_API_KEY"
    
        }
    
      ],
    
      ...
    
    }
    
  ], 
    
  "configuration_version": "1"
    
}


    How can I have the API key get retrieved from a global context during build rather than stored out in the open? An expansion on this approach would be best!






    android firebase repository api-key







    share|improve this question
























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      My Android application's google-services.json file is committed with the rest of my project to a public repo. This is a bad idea for the reasons detailed here. 



      {
      
  "project_info": { ... },
      
  "client": [
      
    {
      
      ...,
      
      "api_key": [
      
        {
      
          "current_key": "MY_API_KEY"
      
        }
      
      ],
      
      ...
      
    }
      
  ], 
      
  "configuration_version": "1"
      
}


      How can I have the API key get retrieved from a global context during build rather than stored out in the open? An expansion on this approach would be best!






      android firebase repository api-key







      share|improve this question













      My Android application's google-services.json file is committed with the rest of my project to a public repo. This is a bad idea for the reasons detailed here. 



      {
      
  "project_info": { ... },
      
  "client": [
      
    {
      
      ...,
      
      "api_key": [
      
        {
      
          "current_key": "MY_API_KEY"
      
        }
      
      ],
      
      ...
      
    }
      
  ], 
      
  "configuration_version": "1"
      
}


      How can I have the API key get retrieved from a global context during build rather than stored out in the open? An expansion on this approach would be best!






      android firebase repository api-key




      android firebase repository api-key






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 18 at 3:05









      AlleyOOP

      5972926




      5972926





























          active

          oldest

          votes











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














           

          draft saved


          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53357530%2fhow-do-i-prevent-my-firebase-api-key-from-being-exposed-through-my-google-servic%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown






























          active

          oldest

          votes













          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















           

          draft saved


          draft discarded



















































           


          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53357530%2fhow-do-i-prevent-my-firebase-api-key-from-being-exposed-through-my-google-servic%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Paul Cézanne

          Image
          Pour l’article ayant un titre homophone, voir Sézanne. Paul Cézanne.mw-parser-output .entete.artiste{background-image:url("//upload.wikimedia.org/wikipedia/commons/f/f3/Picto_infobox_artiste.png")} Autoportrait vers 1861 Naissance 19 janvier 1839 Aix-en-Provence (France) Décès 22 octobre 1906 (à 67 ans) Aix-en-Provence (France) Nationalité Française Activité Peintre Formation Académie de Charles Suisse Maître Joseph Gilbert, Antoine Guillemet, Camille Pissarro Mouvement Impressionnisme postimpressionnisme Influencé par Eugène Delacroix, Gustave Courbet, Véronèse A influencé Braque, Picasso, Matisse Conjoint Hortense Fiquet (depuis 1886) Enfant Paul Cézanne  ( d ) Œuvres principales La Montagne Sainte-Victoire, Portrait de madame Cézanne signature modifier - modifier le code - modifier Wikidata Paul Cézanne , né le 19 janvier 1839 à Aix-en-Provence et mort le 22 octobre 1906 dans la mê...
          Read more

          UIScrollView CustomStickyHeader Resize height generates problems when scroll is too fast

          Image
          0 I have been trying for a while to create a UIViewController that has a CustomStickyHeader and a UITableView. The idea I have been following is use the UITableView scrolling for changing the header view with the value of the contentOffset. The layout for the ViewController (AlbumsViewController) looks like: The UItableView Scrolling functions from the delegate are implemented like that: func scrollViewDidScroll(_ scrollView: UIScrollView) { let endReached = contentTableView.contentOffset.y >= (contentTableView.contentSize.height - contentTableView.frame.size.height) let isUP = lastContentOffset > scrollView.contentOffset.y if scrollView.contentOffset.y < 0 { headerHeightConstraint.constant += abs(scrollView.contentOffset.y) } else{ if !endReached{ ...
          Read more

          Angular material date-picker (MatDatepicker) auto completes the date on focus out

          Image
          3 3 I am using angular material/mat-datepicker in my project and whenever the user enters one digit inside of it, and goes out of focus - the date picker is auto completing with a random date. Example Just enter 1 and go out of focus, or enter 5/5/20 The date picker is adding date automatically Update : Also I am using reactive forms and I'm validating the input with that approach Can I disable this ? angular datepicker angular-material angular6 angular-material-datetimepicker share | improve this question edited Nov 20 '18 at 13:21 ...
          Read more