is there an undocumented operation for an authentification request with email and password? I found an AuthenticationRequest in your working API without a related operation.
We could handle the API request with the X-Api-Key from an admin account, but this will increase security aspects.
One last note: It would be great, if you can share the swagger json file.
PS: Is it better to ask here or on stackoverflow?