Use an API key minted in /admin/api-keys, sent as Authorization: Bearer ite_.... Full machine-readable spec at /api/v1/openapi.
Keys carry a scope: read, write or admin. Write scope is required to create posts/events; admin is reserved for future destructive endpoints.