Before starting using API:

Every request to api should contain Authorization HTTP header with value Token <string>

Obtain token

POST /api/obtain-token

    "username": <string>,  // email
    "password": <string>

Status: 200 OK

    "token": <string>

Tokens expiration or invalidation

Each token is valid for 24 hours. If Token is expired, you will get following response:

Also if you will change password in your account settings, all previous tokens will become invalid. If token is invalid, you will get following response:

Status: 401 Unauthorized

    "detail": "Given token not valid for any token type",
    "code": "token_not_valid",
    "messages": [...]