The File Services API utilize the same security measures as the Reporting API.

No special setup is required, but if you have enforced SSL for your normal TimeLog site then SSL is also required for the File Services endpoints.

All requests require SiteCode and Reporting API username and password as part of the querystring.