The authentication in the API is done through Bearer access tokens (RFC 6750).
At each request, the "Authorization" header must be sent. For example:

GET /api/v1/jobs
Host: api.gupy.io
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

📘
How do I get the Access Token?
The Gupy API is available to customers on the Premium and Enterprise plans.
If you already have this plan, you can generate the token by accessing Setup > Tokens Generation. Otherwise, contact your Customer Success representative to upgrade your account or open a ticket to our support.

❗️
Don't expose your token
Never expose your access token on the Internet and treat it as you would treat your master password. Remember that possession of your token can allow malicious users to take any action on the Gupy platform. For this reason, the API does not expose CORS headers.
Also, to improve your security level request token creation with only the required permissions.