So, I solved this problem by making my request in the backend. It's good practice to conceal your private API key in the backend, anyway. I built my backend using Spring Boot and in my controller class I used the global @CrossOrigin bean annotation to allow for cross-origin requests. Problem solved.
Stamp @CrossOrigin at the top of your Controller Class in a Spring Boot application, and you won't have to worry about CORS ever again!
Here's some info: https://spring.io/guides/gs/rest-service-cors/#:~:text=This%20%40CrossOrigin%20annotation%20enables%20cross,of%2030%20minutes%20is%20used.