Envoy uses OAuth2 or long-lived API_KEY for authentication into the API. All API requests must be made over HTTPS. Any calls made over plain HTTP will fail. Learn more about how our API authentication works.
Scopes control access to resources in the API. Each API endpoint requires a specific scope to use. View the list of supported scopes.