简体繁体中英

How can I make my API key hidden so that anyone decompling my app wouldn't see it?

原文 2014-01-26 14:17:12 1 1 java/ android

In my app i am using many thirdparty APIs that require an API key and have quotas that I must not go over.

I am worried that someone decompling my app would be able to see these keys and use them.

How can I keep them hidden?

I am using proguard for obfuscation

1 answers

As Mr. Hopkinson indicates, if your app is capable of passing the API key to the API, it is possible for somebody to obtain that key.

Ideally, the key would be tied to your apps signing key, as with many of Google's APIs (eg, GCM, Maps V2), so that even if somebody obtained your API key, they could not use it as readily.

Beyond that, invest in DexGuard, the commercial extension to ProGuard that encrypts data in your app (resources, static strings, etc.). This can be broken, but it is tedious to do so. If the attacker really wants your API key, the attacker can get it. But, if this is more of a "casual" attack, the attacker may decide that it is not worth the effort and move on.

I don´t know how to change my program so that i can see the ten largest files

Why can't I see my app in the avd app menu?

i want to do m3u8 live streaming on my app. So can anyone help me how can i do this ? i tried with exoplayer but i failed

compiler automata , how do I make this diagram so the lines wouldn't intersect?

How can I make it so that my form requires certain fields

Java, Android my MediaPlayer API wouldn't start

How can I prevent anyone from communicating with my server except my Android app

How can I make my android app have SharedPreferences as just one set of preferences, so that I can control it and clear the preferences with a button

Why can't I use my newly created API key?

I can't see my window with FullscreenWindow

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question I don´t know how to change my program so that i can see the ten largest files Why can't I see my app in the avd app menu? i want to do m3u8 live streaming on my app. So can anyone help me how can i do this ? i tried with exoplayer but i failed compiler automata , how do I make this diagram so the lines wouldn't intersect? How can I make it so that my form requires certain fields Java, Android my MediaPlayer API wouldn't start How can I prevent anyone from communicating with my server except my Android app How can I make my android app have SharedPreferences as just one set of preferences, so that I can control it and clear the preferences with a button Why can't I use my newly created API key? I can't see my window with FullscreenWindow

Related Tags

How can I make my API key hidden so that anyone decompling my app wouldn't see it?

Question

1 answers

solution1 4 2014-01-26 14:36:52

solution1
4 2014-01-26 14:36:52