We support the API key in header. See more in our docs here.
We also additionally support, HMAC-SHA256 (hash-based message authentication code) uses a secret key to generate a unique signature for a given message. The signature is then used to verify the authenticity of the message.