Authentication
Apps authenticate using an app client ID and a secret. These can be handed to the /token route in the Admin Identity REST API. A JSON Web Token (JWT) will be returned with a validity of 6 hours. This token can be used to call APIs that the app has access to.