If your integration runs without a user present, use API v1. If actions must be attributed to a specific user or are run by an AI agent, use API v2.
API v1 (API Key)
Auth: API key
Acts as: system / account
API v1 uses api keys and actions are taken as the account in the system.
API v2 (OAuth)
Auth: OAuth 2.0
Acts as: authenticated user
API v2 uses OAuth 2.0 and is required for actions performed as a specific user.
Machine-readable API policy: /.well-known/manifestly-api.json