How to Secure iOS App Secret Data With Vault

Working on mobile apps, as developers, we interact with APIs all the time. In order to connect to these APIs, we use API keys. These API keys are very important as it maps/identifies us as a unique user of the system we are trying to integrate with. We always need to make sure these API keys are not accessed by unintended users. Rate limiting, quota control, and security are some of the reasons why API providers have API keys. One of the good security practices is not to save secrets and API keys as part of your source code. But if we don’t put them in the source code, how will our code know about them and consume it. Well, the answer to the problem is using a security tool called “ Vault ”. There are various vault options to store secrets, we will talk about the Hashi Corp Vault System . In this article, I will walk you through how to integrate vault with an iOS app. Prerequisites Setting up Vault — Please set up your vault following the instructions mentioned in the link. Write