User-488622176 posted
It is very hard to secure jscript code. Why would you directly call the secured service from jquery? An alternative would be calling a controller method (are you using MVC?), that invokes the WCF service. This would allow you to store the key in session
state, which is a little harder to hack.