Authenticating requests

To authenticate requests, include an Authorization header with the value "Bearer Bearer {token}".

All authenticated endpoints are marked with a requires authentication badge in the documentation below.

Get tokens from POST /api/auth/login, send access token as Bearer {token}, and renew with POST /api/auth/refresh before access token expiry.