I am creating a Web app with NextJS. Is it safe to set the API key as a NextJS public environment variable and turning on domain whitelisting or does Tomtom recommend another method?
I plan on using the search api
If you have a backend then you can have two API keys. One for Map tiles only (with domain whitelisting set), which will be used at frontend to show a map. Second for Search API to be used at backend.