By default, no identification is performed: the server accepts all client connections.
To identify a client, configure the REST APIs in the Project settings.
Every client may have an identification key (the identification key is then sent with each call; the identification applies for each call because the client/server connection is stateless).
If an unauthorized client sends a call to the server to start or stop a test: