Worker to proxy API

My website is static website and will be calling web api which is public. I need to protect that public endpoint via key and use worker to call the public endpoint with Key so users can only make request via cloudflare to avoid api abuse.

Can anyone advise if worker is safe place to put the key (hidden from public users) in and is there any other option to protect public API ?


Yes, that is one of the common use cases of Cloudflare Workers.
You should go ahead, the use of Cache API and Workers KV could boost that API performance.