It would almost always be over a secure, encrypted connection. It would be very strange for it to not be. We can do anything from as simple as a static, pre-shared token that could be sent as part of the API request, to various types of key or certificate-based calculated tokens, to VPNs. For API we could set up VPNs between the party that wanted to access the API and our system. That’s kind of a continuum from a static secret token to VPNs – running the gamut from simple to sophisticated.
All FAQs