Http Authorization Header

Hello,
I'm making request to eCom api without passing any header and it's working fine, where the url is "https://{{api_key}}:{{api_secret}}@api.{{cluster}}.com/fc/account.json"
As per the documentation,https://developers.lightspeedhq.com/ecom/introduction/authentication/ , it states that for authentication purpose, header has to be passed. I'm not sure what it is. Can you please advise on this.,
Thanks,
Jasdeep
2 comments
If you put the key and secret in the URL like that, your HTTP client is translating it into the Authorization header for you. If you were to inspect the request headers that get sent to the server, you'd see a header has been added that is something like "Authorization: Basic [hashed data here]".
Is it a correct statement, that if I want to make rest api call,
I can make call to the url - https://api.{{cluster}}.com/us/shop.json instead of
https://{{api_key}}:{{api_secret}}@api.{{cluster}}.com/us/shop.json, provided I pass Authorization header in HTTP headers. And that will not create any issues.