A common solution is to use a server-side proxy to hide the API key. This helps protect your key from being exposed on the website’s source code. If you need more computing time or are looking to improve performance, you can use time calculator to compare performance between options. Good luck!

When making API calls from the client side (JS), the API key can become visible in the website source code and can be used by anyone. This is an important security issue. Moving to the server side can help solve this problem, although it may impact performance. There are several ways to improve and compensate for the move to server-side with angel numbers, but the most important is to keep your API keys secure.

thank you for responding!

This may help you. http://billpatrianakos.me/blog/2016/02/15/securing-api-keys-in-a-javascript-single-page-app/

I’m guessing if clientside script contains API key it can still be considered protected as it runs under my domain name (others trying to utilize should not be allowed with same API key given that reason) - but then again I haven’t signed up yet so don’t know if that’s part of the account setup/config, so can you elaborate on this - how do I know others don’t use my key to make calls at my quota’s expense?
dumb question, but still…