The Send Side API uses the Bold Penguin authentication service for access control. You submit a unique client_id and client_secret through basic auth and receive an access_token that will be used as a bearer token for subsequent requests. Tokens are valid for 12 hours.
This token must be present as an HTTP header when you send your application form to the Exchange:
Authorization: Bearer [access_token]
Your Account Manager will provide you with unique ids and secrets for each environment.