Key Management/Key Storage is (IMO) the harder topic, but start simple and get more complicated as the security requirements dictate and as you get smarter. By starting simple, I mean store the key locally or in your code "hidden" as best you can. No, this isn't ideal or the approach you'd deploy widely - in fact, it's more of a backdoor - but it's a starting point. In the meantime, study the options for key management and storage and determine what will work best for your app and its intended use/environment.
I'm writing an app for which I'll have to solve this problem, and I haven't figured it out yet. It's seems the mobile environments, like Android, must have a reasonable approach, but I haven't learned them yet. The various Linux desktop environments use a local key/password manager that is locked (and I assume encrypted), requiring the user to enter a single password (the master key?) to unlock and decrypt. Once opened, the manager then provides the necessary passwords/keys to all applications that know how to use it and have permission to do so.
If you come across some great solutions in your study, let me know.