Messages are sent to subscribers as HTTP POST requests
API driven
All interactions after account creation are via standard HTTP requests, in a RESTful API
Api interactions are authenticated by short-lived tokens (API Keys). A more limited but longer lived token (publishing key) is needed to publish a message on a topic, a standard apikey will not allow publishing to prevent accidental reuse.

Each account also has its own Public/Private Key pair. The private key never leaves our system and is used to sign a JWT which is attached to the request sent to your subscription endpoints.
Using your account's public key you can verify that the messages you receive have originated from your subscriptions in our system.