Hello Firebase community. A few days ago, we received an email stating that our Google API key, the one stored in google-services.json, was found inside a Github project that wasn’t ours. This page has since been removed, but since the key was exposed outside of our app, we’d like to know what’s the best course of action to avoid any related issues. I know it’s technically a public key, but we’re still concerned and want to replace it.
What’s the best way to update/replace the key with a new one, and what options can you recommend to prevent this from happening in the future?
This is an Android project.
Thanks in advance.
1 Like