Explo utilizes token-based authentication. To correctly make a call to the API, you must include the Explo-Authorization header with a valid team token. Below is an example of what the header would look like, replacing with a valid token.
'Explo-Authorization': 'Token <team_token>'
You can create multiple API tokens with different levels of permissions and access. On your team settings page, you can generate new tokens, refresh a current token value, delete tokens, and edit these permissions.
The API Token you authenticate your request with is associated with a Data Visibility Group. When creating an customer, the token used will determine which visibility group the customer is added to. When otherwise getting or modifying customers, only groups in the associated visibility group will be accessible.
Currently Explo supports two types of API Token permissions, read-only and read-write. Granting a token read-write permissions will allow it to create, delete, and edit any customer in its visibility group, while granting a token read-only permissions will only allow it to pull those customers.
For more information about how API tokens interact with their visibility group, see the visibility groups documentation.