Is there any difference between cloudflare client key and api key? is it safe to share client key in apk file?


while doing static analysis of an android apk i saw that the developer have added
“cloudflare_client_key” : “16CharsKey”
in the APK i’m unaware of cloudflare api so is it good to share the client key? in apk like this and is there any security risk to it? plus what’s the diff to api key & client key


Cloudflare’s keys are typically longer than 16 characters, so I’d assume that is for something else but only the developer can clarify that.

Generally, keys should never be shared.

Protect this key like a password!