We're dealing with private data here, and we want to make sure it stays that way. We restrict access to data by requiring each request have an api token. This api token must be in every request. You can generate an api token in your user settings.
If you're worried that someone might have stolen one of your api tokens, you can always expire them.
All endpoints require an api token. You can include the api token in either the GET parameter "access_token" or in the Authorization header using the Bearer format.
# Make a request to get your accounts using an API token # in the "access_token" GET parameter curl 'https://utilityapi.com/api/v2/authorizations?access_token=API_TOKEN_HERE'
# Make a request to get your accounts using an API token in # Bearer format in the Authorization header (this is just the # word "Bearer" followed by the actual api token) curl -H 'Authorization: Bearer API_TOKEN_HERE' 'https://utilityapi.com/api/v2/authorizations'