Comment by danudey

Not to mention that storing the API keys on a developer machine (or distributing them to a developer machine) is the first step towards a developer's API keys getting leaked or exfiltrated. With this approach, the developer never has the API key on their machine at all (and you don't have to rotate or invalidate the key when they leave).