I currently have a React App Deployed with Firebase that contains all my Firebase credentials (Api keys, storage buckets, ect). I seen a lot of posts telling me to store keys on the server and deliver on request. How would I get that done as a complete beginner to this.
For Firebase specifically you can keep the keys in the code, as they are not used for access control. Access control is done using Rules instead.
The only cases in which restrictions are recommended for API keys is when using them for Firebase ML and Password-based authentication.