The application identifier and the secret key are two different things. Let me try to figure it out with each other, and then tie them together.
Application id
An application identifier is simply a unique identification tag for an application. This is to avoid duplication in the App Store and on your device. If two applications have the same application identifier, you can install them on top of the other, effectively erasing the old one and possibly grab your data. The application identifier is only the first step to SECURITY . To make sure that the script has absolutely no way, we use a secret key.
The secret key
The secret key is a security implementation, usually for asymmetric encryption. Let's take a look at the definition of asymmetric encryption on Wikipedia:
Public key cryptography, also known as asymmetric cryptography, is a class of cryptographic protocols based on algorithms that require two separate keys, one of which is secret (or private), and one of them is publicly available. Although different, the two parts of this key pair are mathematically related.
The private key is part of the key pair, the other is the public key. The public key, as the name implies, is openly available to the public. The secret key should ideally be accessible to only one person.
A key pair is used to unlock, in your case, to "unlock" applications. Each application has a unique asymmetric lock. Asymmetric locking is either locked with a secret key, or opened with a public key, or vice versa. Purpose IDENTIFICATION . Only one person can have a secret key. Therefore, any application of this person, we know, is definitely from this person, and not from some hacker / dubious source. This is why the secret key is important.
Therefore, these two concepts work hand in hand to provide you with the best security. When you use the API, sometimes you do not need a secret key, but only the application identifier, therefore the main service with which you use the API knows which product you use.