Storing Secrets

Hello,

In chapter 11 storing secrets in configuration files it is advised to keep the file outside of version control and each developer would have a local copy of this and keep the keys. How would this work when we release the app and a user installs it? Where would the app get this secret from?

Thanks in advance!

Hi @blacklane, configuration files are included within the app when archived. If the configuration file isn’t in version control, but it’s available to the project when compiling, then the configuration file will be present in the archive and ready for the App Store.

Let me know if you have any more questions!

Hi, thanks for your reply. Is this method considered safe then having the configuration file packaged with the app?

@blacklane, the configuration file would be packaged with the app once it’s compiled. The file won’t, however, be present in source control where other developers (or anyone, if your app is open source) can see it.