In its data exchange standards efforts (distinct from Ed-Fi's technology development, going back to a distinction made in the section Overview of Ed-Fi Standards and Technology), Ed-Fi recommends the use of OAuth for API implementers. This recommendation can be seen in the REST API Guidelines that the Alliance publishes:
Accordingly, in the Ed-Fi open source technology development effort, the Ed-Fi ODS / API uses a version of OAuth for API authentication. More information can be found here: Authentication.