Authenticate your account when using the API by including a secret API token in each request. Include your API token as header:
Authorization: Token <API TOKEN>.
You can create as many API tokens as you like. It is considered best practice to create a separate API token for each application you manage. This way you can easily revoke the access of a specific application by revoking its token without affecting other applications.
API tokens are essentially a convenience replacement for your account credentials. Treat them like your passwords and keep them secret! Do not share your secret API tokens in publicly accessible areas such GitHub, client-side code, and so forth.
You can create an API token on this page by providing a token description in the field above and clicking the "Try It" button. After entering your credentials, you can copy your newly generated token from the response of the call.