The oauth token is retrieved post successful login. It is used for the parts of the API that require an authenticated user. The API_KEY is generic and used for the non-authenticated parts.
I completely agree. However, there doesn't seem to be a method for requesting an API key from Kickstarter (as far as I'm aware). I actually got this key from another guy who was reverse engineering the iOS Kickstarter application.
The oauth token is retrieved post successful login. It is used for the parts of the API that require an authenticated user. The API_KEY is generic and used for the non-authenticated parts.