What is meant is that “changes to the store data via the entities described in the API documentation must go through an administrator account with an API key”. You can create a separate administrator account with the said key and assign the administrator to a desired user group (if you want to limit the administrator’s ability to access certain entities and methods).