Authentication can be achieved either by sending a user's API key in the header, under the X-Api-Key header.
In cases where you can't set the header (such as direct links to documents), you can pass in a security token using the token query parameter:
GET /api/Equipment/find/12?token=59dh230sdg0h452124245
An API key can be obtained by logging into Tradetraks, going to Profile, Account Setings, and scrolling down to the Integrations section.
You can obtain a security token using the UserToken/create endpoint.
When creating a security token, you can set an expiry using expiry_hrs parameter, which will cause the token to expire in the specified number of hours from the time it is created. Whether the token is a nonce (one use token) can be controlled by setting the single_use field to true.