I can help you. You’ll need a plug-in as well, look for HASH HMAC.
According to the documentation, you concatenate your key, your secret, your unix timestamp and do a sha256 hash of these and pass it in a header.
You’ll need the plug-in to calculate that, then feed it into your API call.
Presumably the request itself has a timestamp in. These must match.
You’ll need bubble fields or states or whatever to calculate the hash, then feed it into the api. The add in needs you to have a copy of the hash generator on the page, which is invisible.