Google play console pre-launch report says I have leaked GCP API Keys.
I can't restrict a google web service API to the android app. However, I did put it inside a secrets.properties file using gradle secrets plugin.
Is this enough? Is google providing a false error? Or do I need to do more?
Please help (this is my first question)
I tried using the place details android SDK version but it does not allow me to retrieve place details in a specific language whereas the web service version does and retrieving the place details in different languages is important.
You can hardcode the Google API key in your application as long as you have API key pinning configured on your key.
The API key pinning protects from the risk of abusing your key by ensuring that only your application can use it.
You can find more details on how to configure API key here: https://developers.google.com/maps/api-security-best-practices#restricting-api-keys
You can also find more details on how to secure your API keys here: https://developers.google.com/maps/api-security-best-practices