Banked uses an HTTP Authorization header.
Every request should have the header: Authorization: Basic base64(key:secret). You need to Base64 encode the string key:secret. You can find both your test and production API key and secret in your Banked console.