Each call to the API from an external application must be accompanied with a JWT bearer token.
Make a POST to the account login endpoint first to obtain the token. Set the Content-Type to application/x-www-form-urlencoded:
Provide the EmailAddress and Password values in the body:
If successful the endpoint will return a token value:
Add Bearer to the beginning of the token and pass as an Authorization request on each subsequent call to the API: