Does making an API private mean that all header info is protected?Concerned about API keys being in front-end.
