2025 Avoid Hard Coding API Keys in your Swift iOS Project
14Join the youtube community! - / @goodxp
If you are working in iOS app development with Swift and Xcode, this video is for you. I am going to quickly walk you through the steps to introduce secrets, such as API keys, to your project without exposing this sensitive information.
I am not going to explain or argue why this is necessary or beneficial, neither am I going to compare or present other options.
I wanted to do this video because I couldn’t find any concise and up-to-date information out there, which felt very weird. Even in official documentation, there is a mysterious gap about this problem, which I assume should be pretty common and standard.
I come from web development, working in the JavaScript ecosystem, and being fresh in the Swift world, this was the most puzzling thing for me so far. I still do not understand why the knowledge about introducing environment or build-time variables is so obscure across the internet. Why are all the talks and articles about secret management at least 5 years old and outdated?
By the end of this video, you will already have a simple and more secure secret management in your projects.
Using XCode create .xconfig file
Add your secrets
Add xconfig to build configs
Add keys to custom plist
use custom keys in your code
0:00 Intro and Rant
2:58 How To Avoid Hard Coding API KEYs in code