The TMF REST APIs are secured and must be used with access tokens from the OpenID Connect Identity Provider configured for the hosting instance.

For more details on this configuration, see the "Configuring OIDC for OSM Microservices" section in OSM Cloud Native Deployment Guide.