Authorization

The API uses OAuth2 for authorization. To access protected parts of the API you need to obtain an access token. Therefor you can use the following endpoints:

Authorization-Endpoint
/developer/auth
Token-Endpoint
/authorization/token
Authorization Code Grant

For the authorization code you have to redirect the resource owner to the consumer endpoint:
/auth?response_type=code&client_id=[app_key]&redirect_uri=[url]&scope=authorization. If the authorization was successful the user gets redirected to the redirect_uri of your app. The redirect_uri contains a GET parameter code which can be exchanged for an access token at the Token-Endpoint.

Resource Owner Password Credentials Grant

Through the resource owner password credentials grant you can obtain an access token with your app credentials and the username/password of your account. Therefor you can send directly an request to the Token-Endpoint containing the app credentials and you username and password.