API Key - JavaScript (Security)

In working with the “Requests” portion of Javascript, one thing came to my attention was with respect to security. Throughout the exercise, I have realized that an API key is shown in all instances, as JS is client side. Prior to this post, I went on Stack and searched, but just wanted to get community input on this. From what I can tell, there is no way in JS to secure the API key because JS is client side. With that being said, my next step was to go PHP - but was wondering if anyone had any insight/experience with handling API Keys and securing of said data. Even though the API may have correct perms, we all know API keys hanging out in space is never good. What are the preferred languages for securing said key and pros/cons if it applies?

Yeah, the courses here do everything client-side to get you used to the process and because it’s not production code - it’s not going to be deployed anywhere - it’s not so big a deal if the API key is in a client-side file.

If it were production code, the API key and the code which deals with the request would be server-side and you’d have that server code be the intermediary between the client and the API… as a basic example.