These endpoints can be authenticated using a JWT token.
The token can be retrived from the login endpoint. It's both returned in the reponse body and as cookie, albeit the cookie is only for the brla.digital web interface.
Interacting with the API using JWT authentication is not the recommended way, and the user should look to use the API Key authentication.
To authenticate using the JWT key, make sure to send the standard http header meant for that:
Authorization: Bearer {JWT Token}
Try to avoid using JWT authentication to interact with the API!
Use JWT authentication to interact only with the create api key endpoint, and setup your own API key ASAP. This will provide you an extra security layer to use the API, and your account won't be under any risk as long as you keep your private key safe.