Why is expo removing googleSignIn apiKey from app.json?

Why is expo removing googleSignIn apiKey from the app.json file?
While developing, i can log the key without any problems. Once it is built, i cannot access e.g. the android googleSignIn key.

import Constants from 'expo-constants';

export const getGoogleSignInAndroidClientId = () => {
    return Constants.manifest.android.config.googleSignIn.apiKey;

I already read the documentation an found the following:

Sensitive information such as secret keys are removed.

Okay, i got it. But i need to use the api-keys anyways in the application, didn’t i?
At least when logging in with google:

const {type, accessToken, user} = await Google.logInAsync({
            androidStandaloneAppClientId: 'ANDROID_API_KEY',
            scopes: ['profile', 'email']

Since i need the api key in the application, the user (theoretically) can figure out my api key.
Am I wrong? Shouldn’t i use the API-Key?
Please explain to me how I have to proceed to read the API key with the help of the constants.
Do i need to duplicate the API-key in the extra-settings (since i want to use alle the keys in one single file and not create an new .env file or something like that).

the api key is different from the client id


1 Like

Wow, that was quick! Thanks for your answer, I probably confused it!

1 Like

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.