You have two options for authentication, either put the api_token in the URL as a query string, or in the body of the request (for POST). you can also make the call not authenticated, but be careful with this
Forum
Academy
Marketplace
Showcase
Pricing
Features