Currently, you can use Vendor location with 1 api but with no restriction. If you put restriction, it will not work. So it need to have server side api and browser api, but we only have 1 api field admin backend.
In product mode, you cannot use api without restriction because others might use your API
So how do we fix this problem to to use api key with restriction?