I am using Google directions api in my app. Recently, I got warning from Google about the API key saying:
Your app contains exposed Google Cloud Platform (GCP) API keys
This is because the directions API needs auth key(I have that key in strings.xml file, and appending it from there). On the console, package name and SHA1 for app is already added alongwith restricting the API. I read about setting up GCP service account but not getting idea of how to use it. As per docs, we should set environment variable and provide credentials through it. Does this means I have to store the generated json file in my application and get credentials from there(as mentioned in the docs). If not, then what should be best approach for mobile apps.
Update: The generated google-services.json itself has api key in it.