[1] API Documentation (2015-07-28 21:50:59 +09:00 版) https://www.shutterfly.com/documentation/AuthAuth.sfly

Your app passes the auth token on Shutterfly Open API calls as a special HTTP header, like this:
X-OPENFLY-Authorization: SFLY user-auth={the auth token}
for example,
X-OPENFLY-Authorization: SFLY user-auth=000020654581|1207184770811|610685903d963e98a5aa5766e57fb70340302493
If it is more convenient, your app can set a classic HTTP Authorization header, like this:
Authorization: SFLY user-auth=000020654581|1207184770811|610685903d963e98a5aa5766e57fb70340302493
Please note:
Shutterfly recommends using X-OPENFLY-Authorization. Your HTTP library may have problems using the Authorization header; it may silently discard your header in favor its own information (even if it has none), which can lead to confusing results.