How to properly authenticate API requests for order creation in sandbox?

Hi all,

I’m testing GOGOX's API in the sandbox environment, specifically trying to create an order via the /v1/orders endpoint.

I’m a bit confused about the authentication flow:

The docs mention using a bearer token — should this be generated via OAuth, or is there a static API key for sandbox testing?

If it’s OAuth, could someone clarify the steps to obtain the token? I don’t see a clear token endpoint or client credentials flow explained.

Also, is there a Postman collection or working cURL example available for sandbox authentication + order creation?

I’ve tried a few calls but keep getting a 401 Unauthorized error, so I’m guessing something is off with my headers or token.

Would really appreciate any guidance from someone who has this working. 🙏

Thanks in advance!