There are multiple ways to do this depending on your use case:
1. Partner access - If all your races will be under one partner account, you can use a partner API key and secret.
2. User Access - If you want users to be able to log in and get their list of races, you’ll need to authenticate by the user:
a. OAuth 1.0a - If you are familiar with OAuth 1.0a, you can use that to authenticate your users. Details are here.
b. Login API - This is a simple method of authenticating users. Details are here. You collect the user’s RunSignUp E-mail and password and send it to us in exchange for a temporary key. This key is valid at most up to 24 hours after the last API request using it, but there’s no guarantee that it will be that long either, so you’ll need to to call this API to get a new key whenever you get an error code of 6. This API is marked as deprecated because we prefer people not to use it because it means users must give their password to a third party, but we don’t plan on shutting it down any time soon. Note that you’ll use tmp_key and tmp_secret in your API calls.