As a practical matter, you need only a single front end and single back end API key for each Split environment. When an environment is created, Split automatically creates one key of each type for the new environment.
There is nothing wrong with having multiple keys of the same type for the same environment, but there is no real reason to do so because Split does not currently track which API key is used.
/mySegments, which only returns the segments containing the ID used to initialize the SDK. The server-side SDKs call
/segmentChanges, which downloads the entire contents of every segment in the environment. This way, the server-side SDKs can compute treatments for any possible ID, while the client-side SDKs minimize space overhead for browsers and mobile devices by only downloading the segment information needed to process getTreatment calls for the ID specified during initialization.