API requests require an API (Bearer) token in the Authorization header: 
Authorization: Bearer <token>
Tokens can be created in your dashboard. Tokens are scoped to your entire organization, though they can be limited to read-only access.