I'm developing an android app within Xamarin.Forms. From there I call a web api which needs an api key within the headers for authentication, which is always the same. At the moment, the API key is hardcoded within my app, but this is not really secure..
I already thought about saving the api key via SettingsPlugin, but the problem is that I have to save the api key the first time there and this would be also hard coded..
I don't want that someone else can retrieve my api key by getting the source code out of my apk-file. What can I do? Thanks for your help!