The Waldo API uses API keys to authenticate requests. You can find it within the Applications section of your organization Settings listed in the API Key column.
Authentication is performed via HTTP Bearer token, so in order to perform an authenticated API call, you must set the Authorization header of your HTTP request to: Upload-Token <YOUR_API_KEY>.
Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.