I have a bunch of API keys and secrets (Stripe, Cloudinary etc), that are currently hard coded in my app. Where is the right place to store them? Should they be in the server, and I just store the server URL at my end (so that if the keys changes, the app continues to work)?
for example, I have this in my app delegate file:
func configureStripe(){
STPPaymentConfiguration.sharedConfiguration().publishableKey = "pk_test_1234rtyhudjjfjjs"
STPPaymentConfiguration.sharedConfiguration().appleMerchantIdentifier = "merchant.com.myapp"
}
There are many tools to store secret keys.
If personal project, I typically go with xccconfig
and just ignore that file in git but with teams this can be quite hard.