The API uses OAuth2 for authorization. To access protected parts of the API you need to obtain an access token. Therefor you can use the following endpoints:
/developer/auth
/authorization/token
For the authorization code you have to redirect the resource owner to the
consumer endpoint:/auth?response_type=code&client_id=[app_key]&redirect_uri=[url]&scope=authorization
.
If the authorization was successful the user gets redirected to the redirect_uri
of your app. The redirect_uri
contains a GET parameter code which
can be exchanged for an access token at the Token-Endpoint.
Through the resource owner password credentials grant you can obtain an access token with your app credentials and the username/password of your account. Therefor you can send directly an request to the Token-Endpoint containing the app credentials and you username and password.