Every call to the Truv requires you to use your API keys, which consist of a Client ID and an Access key. Your Client ID will remain the same regardless of your environment, but you will get a different Access key for each environment. You'll be able to tell which key is used for which environment because the key will be prefixed with sandbox, dev or prod.
All API requests require the X-Access-Client-Id and X-Access-Secret headers which should contain your Client ID and Access key respectively.
Your API keys carry many privileges, so be sure to keep them secure! Do not share your Client ID or Access key with anyone and make sure to never use your API keys in the front end of your application.