API calls need to be authenticated and authorised. You can do this by providing your secret key in the Authorization header of every request you make. You should authenticate your API client with the following header api-key: SECRET_KEY

The secret keys however, are to be kept secret.