Whilst creating my International SEO Backlink Analysis Tool, I wanted a way for people to use their SEOmoz API key in the same secure fashion as they would for their homebrew tools. That meant that their Secret Key shouldn’t be transmitted over the wire, but instead only a signed hash. You can read the docs on the SEOmoz API authentication, if you’re not familiar.
var SEOmozCredentials = getSEOmozCredentials(accessid, secret);
var timeStamp = SEOmozCredentials['theTimeStamp'];
var signature = SEOmozCredentials['signature'];
The parameters you must pass are the SEOmoz Access ID and the Secret Key. Once you have the timeStamp and signature, in addition to the Access ID you can easily form the request on the server side; here is some example PHP code:
$credentials = "AccessID=" . $accessID . "&Expires=" . $timeStamp . "&Signature=" . urlencode($signature);
$apiURL = "http://lsapi.seomoz.com/linkscape/links/" . urlencode($url) . "?" . $credentials . "&SourceCols=5&TargetCols=0&Filter=external+follow&Sort=page_authority&Scope=page_to_page&Limit=1000";
You may want to consider, as an alternative to using JS in this way doing full SEOmoz Application Authorization.