There are three different ways to authenticate.
X-API-KEY request header
Used in most end points sometimes in combination with a JWT (Json Web Token) when information about the user is required. How to find your account api keys
Basic Auth
Used to retrieve a JWT for a given user. You can sign using your username and password and Basic Auth to retrieve your JWT. How to sign up using Basic Auth
Json Web Token (JWT)
A JWT will be required for destructive endpoints or endpoints that reveal more sensitive information. You can retrieve your JWT signing up with a username and password into the api
When refresh tokens are enabled on your application, you can renew access without logging in again. How to use refresh tokens