We are the devs from Team Netlify, Ask us anything!View other answers to this thread
Thanks for doing this AMA and for everything you all do at Netlify! I love the service!
When it comes to setting up a JAMStack site, what is the best way to handle authentication with services that require API keys or some form of authentication? We obviously don't want them just hanging out in the front end willy nilly, and I've heard of having a possible serverless function or service that handles all API related calls, but I could see that possibly being abused.
I've found it hard to find a good answer for this, which could totally be improper wording.
In addition to Divya's post, you might also find this example of a serverless function which acts as a proxy, adding a secret API and calling a service.
I find these useful to dip into... a wide range of examples and references gathered here.