I’ve stored API keys in the .env file for my create-react-app and ensured the .env file is included in gitignore so as not to expose them on GitHub. I then added the environment variables to the Build & Deploy settings for my site on Netlify. However, it appears the bearer token of the GET request from my react app is still exposed in Chrome Dev Tools even though the jsx file uses the proper process.env.REACT_APP format.
I’m fairly new to Netlify and React in general. What am I missing?