You can access DeskPro using a token that allows you to access the same API endpoints programatically as you could through the GUI. As a user, you can have a single API token for your account and expire or rotate it on demand. Like all keys, your token should be protected and kept secure, as it allows access to DeskPro under your user context without 2FA. As DeskPro has a public-facing endpoint, this could potentially be used to exfiltrate sensitive data. Both fortunately and frustratingly, API tokens are short-lived, making them suitable for infrequent script runs and not much else.
From the main DeskPro page, click your Profile icon in the upper-right and choose Preferences. Scroll to the bottom of that panel where there is a QR code. Scan it with a phone and you'll get a URL you can use to retrieve a user token blob. Open the link and you'll get a json file that looks like this: