Overview
As mentioned before, the API is based on Django Rest Framework
Django uses a csrfmiddlewaretoken cookie that needs to be send with ALL non read operations (POST, PUT, DEL)
You can also play and explore the API using your web browser, just remember to be logged in first.
For this you can go to http://127.0.0.1:8000/ and login using this credentials:
username: demo password: demo
Or use the admin http://127.0.0.1:8000/admin with the same credentials