I’m adding a Google tool to my site on this page, Natural Short Sleep - worldsfastestcentenarian.com. I need to use my Google API key to get it to work properly. How do I add it securely to sitejet?
I’ve done some server-side code before. Not with sitejet yet tho.
Hey there,
Does this article help you? 
https://help.sitejet.io/hc/en-us/articles/24275949916439-How-to-add-a-tracking-code
Hey there! 
If you’re working with a Google API key inside Sitejet, keep in mind that Sitejet is a static site builder, which means it doesn’t have a built-in backend. So if you insert the API key directly into your JS code, it will be publicly visible in the browser’s developer tools — and that can be a security and billing risk.
For APIs like Google Maps that are relatively safe, you can restrict your key to work only for your domain via the Google Cloud Console. That adds a layer of safety.
But if you’re calling APIs that are more sensitive (like Geocoding, Analytics, Auth, etc.), I highly recommend creating a proxy endpoint using something like:
- Netlify Functions
- Cloudflare Workers
- or a small backend hosted elsewhere
That way, your API key stays hidden, and your frontend just talks to your own secure endpoint.
2 Likes
Thank you for the link. I didn’t know or forgot that there isn’t a backend to sitejet. Thank you for your help. I’ll do without that feature for now.