Version 2 of the TwitLonger API uses standard OAuth Echo to verify requests that create or modify posts. This allows TwitLonger to validate the identity of the user you are making the request on behalf of.
Authentication requires the application key you received when registering your app for all requests, both read and write. This should be passed in the X-API-KEY header.
To verify user identity, you need to pass standard OAuth headers. X-AUTH-SERVICE-PROVIDER is the URL TwitLonger should use to verify the identity of the user you are making the request on behalf of. This will always be https://api.twitter.com/1.1/account/verify_credentials.json . Also pass X-VERIFY-CREDENTIALS-AUTHORIZATION, which is the OAuth headers you would use if you were to make the request to Twitter's Verify Credentials endpoint.