We use OAuth 2.0, the industry standard for authentication. Each OAuth app is mapped to a bot.
To be able to authenticate a request on our API you need to use Bearer Authentication access token. An access token only remains valid for 60 minutes.
Authorization: Bearer <access_token>
As OAuth 2.0 is an open standard there are a range of libraries you can use for a range of languages.