The Operto API uses API keys to authenticate requests. Soon to be available the ability for the Account Owner to manager your API keys in the Operto Dashboard.
Your API keys carry privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth. Authentication to the API is meant to be performed via M2M (machine-to-machine) using HTTP Basic Auth over HTTPS. Provide your API key as the basic auth username value and set the API Secret as the password. Calls made over plain HTTP will fail. API requests without authentication will also fail. Upon successful authentication an access token will be provided in the resulting payload to be used as the X-AUTH-TOKEN in subsequent API calls.