Authentication is a required part of issuing every API call. However, rather than providing the user credentials on each call, you must first obtain an authentication token. This token is initially generated based on a user name and password; the token must be supplied on all of the subsequent API calls.
The management API can be accessed in several ways, including using the product's native browser interface, Swagger page, or a programming language (such as Python). In each case, there is a common logic flow or pattern of usage related to authentication. The general flow that you must use when accessing the API is as follows:
Therefore, regardless of how the management API is accessed, using the API always begins by generating an authentication token and ends with resetting the token.