We use HTTP headers for simple, but effective authentication and authorization.
All requests made on behalf of an account needs authentication.
Requests should be made to endpoint URL
For authentication add headers
The important thing to keep in mind is that all requests to our API must be made over SSL (https).