The Rhombus API provides two methods for authentication, certificate-based and token-based. We strongly encourage customers to use the certificate-based approach, as it offers an overall more secure interaction. Whereas the token-based approach is typically easier to get up and running quickly. Both approaches utilize an “apikey”, and the following HTTP headers should be sent with every request:

x-auth-scheme: [api]* or [api-token]*
x-auth-apikey: XXXXXXXXXXXXX

*[api] is for certificate-based and [api-token] is for token-based. The brackets should not be included in the request.