AWS documentation recommends exposing deployed machine learning models through secure, managed API endpoints to provide controlled and scalable access for external consumers. Creating a secure API endpoint allows customers to invoke the model using standard HTTPS requests while maintaining strict security boundaries.

AWS services such as Amazon SageMaker support deploying models behind managed endpoints that integrate with AWS security features, including authentication, authorization, encryption in transit, throttling, and monitoring. By using an API-based approach, the company can ensure that external customers interact with the model without gaining direct access to the underlying infrastructure or credentials.

The other options introduce significant security risks. Sharing credentials directly violates AWS security best practices and could lead to unauthorized access. Custom authentication scripts in customer applications are difficult to standardize and maintain. Embedding the model directly into customer applications removes centralized control and makes updates and security management impractical.

AWS positions secure API endpoints as the preferred mechanism for exposing ML inference capabilities to external clients, making this the correct solution.