All API endpoints require authentication using a bearer token, which is the personal API key (PAK) that you can create in the Unified Portal. You can use the PAK directly, no need to exchange to a JWT.

PAKs have a finite lifetime that is typically measured in days and must be renewed once they expire.

All API calls are also subject to authorization. Authorization determines these items:

• The organization whose data you can access
• The data retention period that you can query

For each request, specify these parameters:

• The organization ID as part of the request path
• The desired time range in the request body

The service validates both parameters to ensure they comply with your effective access rights.