Skip to main content

How to use meta-data in manifest file instead of config in android app cloudinary?

Srikanth

I am using cloudinary to upload files from android app , When i use api key and api secret in the app like this

config.put("cloud_name", "****");
config.put("api_key", "****");
config.put("api_secret", "***");
MediaManager.init(this, config);

It is working fine  but when i remove the above code for the security purpose then i used meta data in the  manifest file  like this  

<meta-data android:name="CLOUDINARY_URL" android:value="cloudinary://@dsvjeyodu"/>

It is giving an error like this 

"java.lang.IllegalArgumentException: Must supply api_secret" 

How to protect the api key and api secret ?

 

 

0

Comments

1 comment

Date Votes
  • Francis Tagbo

    Hi Srikanth,

    I noticed that you have also created a support ticket for us.
    I will also write my response here.

    Generally, you should never expose your api_secret in client-side code and therefore you need to generate an authentication signature on your backend. We recommend Android signed upload with backend support should be implemented in conjunction with one of Cloudinary's backend frameworks (Java, .NET, etc).

    You can learn more about this in the documentation:
    https://cloudinary.com/documentation/android_image_and_video_upload#signed_upload

    If you like to use manifest, you can do an unsigned upload. Here is an example code:

    MediaManager.get()
    .upload(audioFile.toString())
    .unsigned("your_unsigned_upload_preset")
    .option("resource_type", "auto")


    Regards,
    Francis

    0

Post is closed for comments.

Didn't find what you were looking for?

New post