The MMS API v2 uses API keys to authenticate requests. API Key is assigned to a specific gym location only and has granular permissions. Please make sure to keep it secure!
Authentication to the MMS API v2 is performed via the custom request header x-api-key. You just need to provide API Key as a value. We force to use HTTPS only, therefore calls made over plain HTTP will fail.