API_KEY / CLIENT_SECRET authorization deprecated for asset registry API

Direct API calls are no longer authorized using API_KEY and CLIENT_SECRET. Based on the RN-jwt-token-validation branch, it appears that authentication now requires user login and a JWT token. Was this change intentional, and do we need to update our integration accordingly?