I am making a website that makes HTTP request to youtube’s server.
And I have to generate an API key for that.
The project I am working only contains frontend, there’s no backend to it.
The 1st question I am asking is, is it really safe to store your API keys in your front end codebase?
Like I pushed my project onto github, what if some random person went in and saw my API key and start using it?
The 2nd question I wanna ask is: if let’s say that my site went online, and thousands of people start to use my site, so many HTTP requests are being made all using that one API key, what happens then?
Is the site gonna become really slow? Or will google ban that API key? If my site does blow up, how do I upscale my site to meet the request?
The 3rd question is that, should I use a backend to store all of the API key? Just so that no one can mess with it.
Thanks in advance.