Why am I getting a CORS error when accessing the API?

It's because you are making the API request client-side, from within the browser. You should make the request from your server, and then generate a page showing the results and pass that back to the browser. Otherwise, you would be exposing your API key to anybody with access to the page - same as if you hardcoded a password directly in your client-side JavaScript code.