Every API need to be authenticated and authorised. This can be done easily by providing your secret key in the Authorization header of the request. You should authenticate your API client with the following header:
'Authorization': 'Bearer <token_from_dashboard>'
Your API key needs to be securely and confidentially stored. Please do not include this in your git repository. In the instance you believe your key has been compromised, please make sure to revoke the key from the dashboard.