Wisdom's HTTP REST API is in early developer preview, however many APIs are stable for active development. Authentication is handled by one of two mthods: 1) short lived JSON Web Tokens (JWTs) that expire within one hour that provide authentication per user, and 2) API secret access tokens that provide authentication per project.
The Wisdom REST API was primarily setup to enable routine data export and the more recent GDPR compliance requirements. Generally, it makes sense to directly access data through direct connections to PostgreSQL and AWS S3. Some Wisdom analytics reports are available (bug tracking, recent users etc) in raw API form, but provide less value to clients and so documenting them has not been a priority.