Its part of the authorization. The only thing i can think of is the use of JWT for auth.
you log into one and get an jwt and the application checks it.
I'm not so much talking about the type of token issued (JWT/Opaque), but more about the service that manages issuing and revoking keys. (i.e. something similar to what Stripe has on their developer portal https://stripe.com/docs/keys).
Was hoping Auth0 had a solution for this but Auth0 but doesn't look like they do: https://community.auth0.com/t/how-to-implement-api-keys-usin..., https://community.auth0.com/t/how-can-i-generate-api-keys-fo...