All requests are authroized using the basic HTTP authorization scheme outlined in RFC7617 (https://tools.ietf.org/html/rfc7617). In short, credentials are base 64 encoded and sent using the Authorization HTTP header.
Username: TestUser
Password: SecurePassword123
The username and password are concatenated, with a colon between them. So the plain text version of the username and password above would be:
TestUser:SecurePassword123
This concatenated value is then base 64 encoded:
VGVzdFVzZXI6U2VjdXJlUGFzc3dvcmQxMjM=
The authentication scheme "Basic" needs to be specified in the Authorization header value as well. So the final value for the example would be:
Basic VGVzdFVzZXI6U2VjdXJlUGFzc3dvcmQxMjM=
If there is an issue with the Authorization header when accessing the API, you will receive an HTTP 401 Unauthorized response.