Programmatically, there are currently two options to log into the REST api. You can use:
- HTTP Basic Authentication The httpWatch web site describes the general process. Since it all occurs via TLS, this is quite secure
- JSON web Tokens (JWT). Refer to the wikipedia description for more info.