OEM Vendors will make API calls on behalf of their customers to consume governance data supplied by Unified Compliance. Each customer added by an OEM Vendor will be assigned their own unique API Key and that API Key must be passed when making API calls on behalf of that customer.
NOTE: OEM Vendors can make API calls themselves using their own/unique API Key. Login to the Common Controls Hub and navigate to Settings and then API Manager where you can create your own API Key.
When making API calls on behalf of your customer(s), pass the unique API Key for each customer in an Authorization bearer token, ie: Authorization: Bearer {{API Key}}