You can not safely ship an api key with the app. Normally the app would fetch the key (after validation of the user) from a trusted server and store the key securely as suggested above.
How to steal a key
https://approov.io/blog/how-to-extract-an-api-key-from-a-mobile-app-with-static-binary-analysis