Your REST API key can be generated on the Change Password screen under Admin. You can generate a new API key from here any time if you think your API key may have been compromised.
To use your API key you need to concatenate your username and API key with a ‘:’ separator and then base-64 encode it. There are many libraries that can do the base-64 encoding depending on the language you are using or you can use a site like https://www.base64encode.org/ for a one off conversion.
For example if the username=mickmcg and API key=131fdf9e8246952e66153ca640685bada53d3988 then you would base64 encode mickmcg:131fdf9e8246952e66153ca640685bada53d3988 which results in bWlja21jZzoxMzFmZGY5ZTgyNDY5NTJlNjYxNTNjYTY0MDY4NWJhZGE1M2QzOTg4
That string is then passed as and Authorization header in the HTTP request to the REST API like this:
Authorization: Basic bWlja21jZzoxMzFmZGY5ZTgyNDY5NTJlNjYxNTNjYTY0MDY4NWJhZGE1M2QzOTg4