Would it not just be easier to provide a accountname and password? And you can use certificates and or IP filtering for the API.
Regards,
Ronald
[EDIT]
For the certificates see documentation here: https://docs.mendix.com/howto7/integration/use-a-client-certificate