Reputation: 7376
How can I hide my Parse.com API keys?
I develop a project with parse.com api. I use api key and client key
I use proguard to improve my app security if anybody can try decompile .apk
But in my app there is a API KEY and CLIENT KEY. How can I hide them or if anybody see those keys what happens?
thanks in advance
Upvotes: 3
Views: 1118
Answers (2)
Reputation: 221
You can go through all sorts of machinations to obfuscate your Parse client key and app ID, but ultimately they're always going to be available to a clever person intent on discovering them. That's why protecting your data with proper ACL configurations is key. The suggestion of doing more in your Cloud functions is also a good idea if you want to hide details of your business logic which, if coded in your Android app, could be reverse engineered.
Upvotes: 1
Reputation: 16874
You should always assume those keys will become known, and secure your classes in Parse accordingly using Roles and ACLs.
For extra security use Cloud Functions that have extra security logic in them.
Upvotes: 0
Related Questions
- Protect your API KEYS from Reverse Engineering Android
- How to initialize Parse without exposing application id?
- How to obfuscate API KEYS in AndroidManifest Android
- How to hide API Keys in Android
- How to use Client Key instead of Rest Api Key for Android on Parse.com Rest Api requests
- Hiding JavaScript key on parse.com web
- Parse SDK Android Proguard issue
- Android Code obfuscation. I want to hide Parse.com's keys
- Parse.com revoke API key
- Parse.com using master key