If you are creating services that use TCP/IP, you will always need to define fixed IP addresses.
As the others say, this is easily done either in your router - DHCP settings will usually have an option for fixing an allocated IP address against a MAC address. Or you can force a fixed IP address in the network configuration of the Pi. Personally, I prefer using DHCP as everything is in one place and I don't have to faff with the Pi settings - helpful when rebuilding or migrating to a new device.
Also mentioned is security. As you are allowing incoming connections through your firewall, this is potentially very dangerous since a simple port scan from the Internet will reveal that something is happening on your IP address.
At the least, you should lock down access to a specific URL path - the path you've defined for your incoming url. That prevents bots from attacking Node-RED's admin or Dashboard UI's for example. But you might need a proxy server to assist you with that as it is possible that the firewall on your router won't be up to the job. You can configure something like the NGINX web server to do this for you.
Ideally, you should also have some form of authentication and authorisation on the API URL to prevent unauthorised access to it.
Just to stress again, your URL WILL be discoverable from the internet and bots WILL discover it and try to break in.