One way to get authenticated, to use the API, is via OAuth.

You can create a new OAuth Client from within Deskpro at Admin > Apps & Integrations > OAuth.

By default, a newly created OAuth client will support the Authorization Code and Implicit grant flows. If you need to inegrate with Deskpro using Auth Code + PKCE then you will need to toggle the isPKCE option when creating the client.

A brief bit about the grant flows.

The Authorization Code flow is the most commonly used flow in OAuth2. It involves the client application redirecting the user to the authorization server, where the user authenticates and grants authorization to the client application. The authorization server then issues an authorization code to the client application, which can be exchanged for an access token and a refresh token.

The Authorization Code + PKCE flow is a variation of the Authorization Code flow that involves an additional security measure. The client application generates a random value called a code verifier, which is used to create a hashed value called a code challenge. The client application sends the code challenge to the authorization server, along with the authorization request. The authorization server then issues an authorization code that can only be exchanged for an access token if the client application can prove that it has the original code verifier.

The Implicit flow is another OAuth2 flow that is used for client-side web applications. It involves the client application redirecting the user to the authorization server, where the user authenticates and grants authorization to the client application. The authorization server then issues an access token directly to the client application, which can be used to access the protected resource.