Welcome to the Developer Community Narendra!
The only way to encrypt data in workflows, at this time, is to use the authentication dropdown in the HTTP Request action. It looks like the custom authorization option only allows one encrypted header. You would put the most sensitive data in this header, and then put any other headers needed for authentication in the plain text headers section. In your example, I think you have this setup as best as you can given the current features of workflows. Your API token is probably more sensitive than the key, so you store it in the custom authorization header.
Then, you put your API key as a plain text header
I agree, however, that workflows needs to allow for encrypting more types of data. I have opened a ticket for this enhancement request. (PLTWRKFLW-4181)