Sudo’s API uses OAuth 2.0 Bearer Token to authenticate requests. All API calls must include a bearer token. 
GET /cards HTTP/1.1
Host: api.sandbox.sudo.africa
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cC...
An invalid, missing, or expired token will result in HTTP 401 Unauthorized responses.