Many operations in the API require authentication. Authentication is required for all collections that contain different items depending on the requesting user as well as all update operations. Some operations in the API do not require authentication and will return any content that has been marked for anonymous access in the user interface.
API programs that access resources that require authentication must use one of the following authentication methods.
HTTP "Basic Authentication"
This method requires the requesting user to provide credentials (user name and password) via a HTTP header. To protect against the credentials being sent in the clear, it is recommended that deployments leverage the SSL protocol ("https") when interacting with services protected via Basic Authentication.
HTTP "Anonymous Access"
This method does not require the user to provide any credentials to interact with the server. Resources returned via anonymous access will not be personalized to a user and will include only resources whose access constraints allow anonymous access.