Documentation

FAQ: Can I call the API from a browser? in the NexoRouter documentation.

FAQ: Can I call the API from a browser?

NexoRouter responds to browser CORS preflight requests for the public API, but exposing an API key in frontend code is usually unsafe.

Call NexoRouter from your backend:

Browser -> your backend -> NexoRouter

Your backend stores the API key and applies user-level limits.

Browser-only risk

If you put a NexoRouter API key in browser JavaScript, users can extract it and spend your balance. Use a backend proxy for production.

FAQ: Can I call the API from a browser? — NexoRouter