Thank you for your question.
It is not possible to specifiy which IP address can use the API key, but since the key can only be generated within your account which is protected via your password and perhaps two-factor authentication it is very much safe.
I would suggest to only generate it which will cause a pop up wiht the key. copy and paste it and close the key. This way the API key is only visible within Wallee itself.