React Native Initialization / Retrieving API Keys

Question

Hello, is the only current way of initializing Intercom still through the native codes of both Android and IOS?

If so, how would you suggest retrieving the API Keys for them? We currently use AWS Secrets Manager but I’m not exactly sure how to retrieve it inside the native codes of Android and IOS or if that would even work.

Having another way of initializing Intercom would be great, if not, how would you suggest doing that? Is there a recommended way from the Intercom team?

Exposing the API Keys and APP ID doesn’t seem like a good idea

Ebenezer.Laleye · Accepted Answer

Hi @marcos! Ebenezer here from Engineering Support👋.

From what I have seen other user do, they would use their server as a proxy for this key and never expose it to the app.

However, The SDK API key or app ID in itself cannot be used to impersonate other end users if you have turned on identity verification for your workspace. Without identity verification, a malicious actor can potentially ship another app with an Intercom SDK that is able to send messages to the your workspace. They could also sign in with an end user's email and see their recent chats.

This is why we strongly suggest customers to use identity verification.

More info here : https://developers.intercom.com/installing-intercom/docs/android-identity-verification

React Native Initialization / Retrieving API Keys

1 reply

Reply

Reply

Join the Intercom Community 🎉

Intercom Customers and Employees

Login to the community

Intercom Customers and Employees

Scanning file for viruses.

This file cannot be downloaded