The Cooler API uses API keys to authenticate all inbound requests. Every request must have a COOLER-API-KEY header with a valid, enabled key in the platform to successfully authenticate against sandbox or production environments for any action to be taken.

All API requests made to Cooler API must be made over HTTPS with TLS 1.2 or later. Calls made with HTTP will fail with 4xx error. HTTPS requests without the aforementioned key will also fail with 4xx error.