Our API uses Token Authentication for access to all endpoints:
-H "Authorization: Token <<apiKey>>"
Server to server communication only
In order to make our API as easy to integrate with as possible, API keys are privileged, so client-side communication with our servers is strictly prohibited. Please keep your API key safe and secure, and only communicate with our API from secure, back-end servers over HTTPS. See the image below for an architecture diagram.
Soundstripe API authentication architecture diagram