The Core API uses API keys to authenticate requests. You can find it within the App Configuration section of your sidebar menu listed in the General section.

Authentication is performed via HTTP Bearer token, so in order to perform an authenticated API call, you must set the Authorization header of your HTTP request to: Token <<waldoUploadToken>>.

Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.