How can I set up the realtime database authorisation to only accept request from my domain and not someone random in the world ?
EDIT: The answers marked as duplicate revolve around the domains in the EMAILS of users. Not the source of the HTTP request. Therefore they do not answer this question.
