Up to now, username/password pairs have been used to authenticate (login) to the GuideStar APIs. The username and password used to authenticate to the APIs are the same (credentials) as those for the user account that has purchased the API subscription.
Previously, if you were a GuideStar API subscriber, your GuideStar website credentials were the only means to login to all of GuideStar APIs you subscribed to. While this method works well, it was problematic because, if a user changed their GuideStar.org password, any software that used that username/password to call the GuideStar APIs also needed to be changed.
API Keys, on the other hand, are API-specific and are not affected by a password change on GuideStar.org. You have an API key for each API that you've purchased.
While you can still access all of your APIs using your GuideStar website credentials, you can also provide only your API key to login--no password is required. This means, of course, that your API key for CharityCheck, for example, cannot be used to authenticate a call to the GuideStar Exchange API, for example.
All of your API keys may be found in the Account section of GuideStar.org once you have signed in to the website. API Keys represent access to your GuideStar data, and should be protected as carefully as you protect password.