The Stalls One API uses API keys to authenticate requests. You can generate, view and manage your API keys in the Settings area.
Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub repositories, client-side code, and so forth.
All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.
The Authorization in the header for the post requests is the string Bearer plus a token.
Authorization: Bearer sk_afg92nkaAXVubzpwQDU1dzByYM
Security Note
Treat your API key as a password and never make it available outside of your direct control. The API key by design enables direct access to the Stalls One API on your behalf and so it is inappropriate and unsafe to share the API key among multiple parties.