Very excellent question Amolo! As you know, storing anything on the client is never 100% secure. For quick development and testing, the steps shown in this article would suffice. In actual production, always store important credentials and API keys in server-side.
Here's a helpful article that discusses on this topic.