To secure our API we use OAuth2 with password flow for all endpoints. Authorization header must always contain a Bearer token obtained using tokenURL.
On this link you can find the part of our documentation regarding token acquisition.
Once you have acquired the Bearer token you can use the following instructions to obtain StoreFront services