You can store the API key and other info in a configuration file(a json file) and use gulp to generate an angular module of constants which can be used in the app without leaking potentially sensitive info into your repo. More details around this can be found here.