Hi,
I strongly recommend against embedding credentials for connecting to the database into your App. If you do this it will be possible for a user to extract them, and they will then be able to run any SQL statement those credentials allow, regardless of restrictions in the app.
The best solution is to run a server-side solution that accepts API calls from the app and makes appropriately restricted calls to the database. As you have indicated that you don't want to use app engine I assume you don't want to maintain any server-side solution. You might want to look at pre-built solutions such as
Firebase, which automatically provides a authenticated, correctly restricted API for making changes to a (built in) remote database as well as many other features.
Yours,
David