Multiple api keys- best practice

I am creating my first app in which I want to allow multiple users to
use
their own api keys. For example, multiple vendors could each use their
own
Stripe key for their customer checkout. Right now my app is working for
a
single user where I have enviroment variables set on dev machine and
heroku.

To develop ability for code based selection of keys, it makes sense to
me
that keys should be stored in database encrypted. Is this the prefered
way
to go? Are there any good how-tos on the subject around?