VisitorAPI does not require an API key because it’s designed to be used on the front-end, where API key can be exposed to the public and it is not a secure solution.
Instead, VisitorAPI authenticate the API calls based on calls’ referral domains. That means, before you use the API on a domain, you must put the domain in the VisitorAPI settings to open the API to accept requests from the domain.
There are two ways to add a domain to the authentication domain list.
Add a domain when creating the project
When you create a project, you can add a domain in the setup interface as the screenshot shows below:
Add a domain in project settings
After a project is created, you can add a domain in the project’s setting page as the screenshot below shows: