RE: /api/user/code endpoint with private servers?

Does anybody have any insights to this problem? I highly doubt im the first one to try and use the api for a private server?

I have been trying to configure my private server to be able to use the /api/user/code endpoint to update my scripts.

I have installed the screepsmod-auth mod and its working correctly (as i can reach the /authmod/password/ endpoint and i was also able to set a password with the cli by using setPassword('username', 'password'))

But when i try to actually use any of the api endpoints, they all return {"error":"unauthorized"}. I have tried using query params in the browser (eg /api/user/code?user=username&pass=password) and i've tried using curl with -u username:password.

I know much of the web api is undocumented, and some of it reads like you need to use an api token and not a username and password, but there doesn't seem to be a way to get an api token when you are logged into a private server?

How are others utilizing the web apis with their private servers? Am i missing a major piece of configuration somewhere?