Server-Side
Authentication
How the collect endpoint and the Management API authenticate requests.
The collect endpoint requires no Authorization header — the API key is part of the URL. Management API calls (properties, integrations) use Bearer tokens.
# Management API — Bearer auth
curl https://app.tugus.io/api/v1/properties \
-H "Authorization: Bearer YOUR_PERSONAL_ACCESS_TOKEN" \
-H "Accept: application/json"Create Personal Access Tokens in the dashboard under Account → API Tokens. Tokens have a configurable scope (read / write / admin).