Sharing Data Between Server Routes Without Exposing to Client in Next.js App

[albing123]

I'm implementing a login flow with BankID, where a secret (qrStartSecret) is received server-side and needs to be used in another route for generating QR codes without sending it to the client. This secret should remain secure and server-side only, used for generating QR codes that update every second. Looking for recommendations on securely sharing or storing this secret between routes in a Next.js app hosted on Vercel, without involving client-side exposure or heavy external dependencies. Ideal solutions would maintain performance and security compliance. Any insights or best practices would be greatly appreciated.