Always ensure to authenticate your API requests, by including your secret key in the API-KEY header of each request. See your API secret key on your dashboard .
Your secret key should be kept private. It should not be used on your client-side, or committed to git.