Authentication

Public APIs

Most documented data endpoints are public and do not require auth headers.

Private App APIs

Private app endpoints use bearer auth:

Authorization: Bearer <token>

These private flows are tied to in-app Para authentication.

Developer Trading Access

A dedicated developer auth model for trading/order management is planned separately.