Requests are authenticated using a Bearer Token, which you should include in the header with every request.
API calls should be made between your backend application and our servers. Under no circumstances should you make direct calls from your user-facing front-end application, since doing so reveals your API token and is a huge security concern.
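A sketch of that arrangement, added here as an example and not taken from the API provider's own code: the backend attaches the bearer token from its own environment, forwards only allow-listed routes, and can check that a front-end bundle does not contain the token. The host `api.example.com`, the `API_TOKEN` variable name and the route table are assumptions.

```javascript
// Added example. API_BASE, API_TOKEN and the route table are assumptions,
// not the provider's real names.
const API_BASE = "https://api.example.com";
const ROUTES = new Map([["GET /orders", "/v1/orders"]]); // browser-facing route -> API path

// The token lives only in the backend's environment, never in code shipped to the browser.
function loadToken(env) {
  const token = env.API_TOKEN;
  // Reject empty values and whitespace/CRLF, which would corrupt the header.
  if (!token || /\s/.test(token)) throw new Error("API_TOKEN missing or malformed");
  return token;
}

// Turn a request received from the front end into the server-to-server API request.
function buildUpstreamRequest(clientReq, env) {
  const apiPath = ROUTES.get(`${clientReq.method} ${clientReq.path}`);
  if (!apiPath) return null; // unknown route: the backend should answer 404
  return {
    url: API_BASE + apiPath,
    method: clientReq.method,
    // Client headers are deliberately not copied; the bearer token is attached here only.
    headers: { Authorization: `Bearer ${loadToken(env)}`, Accept: "application/json" },
  };
}

// Copy of the headers that is safe to write to logs.
function redactHeaders(headers) {
  const out = { ...headers };
  if (out.Authorization) out.Authorization = "Bearer [redacted]";
  return out;
}

// Build-time check: true if the token string appears in a front-end bundle's text.
function bundleLeaksToken(bundleText, token) {
  return bundleText.includes(token);
}
```

Running `bundleLeaksToken` over each built asset in CI catches a token that was inlined into front-end code before it ships.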