so the only secure solution is using server to hide the api keys?
Oh you are just spoiling the following series of articles... But ok I can shed some light ;)
You may want to read this reply and see what recommendations best fit your use case.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.