For an external application to connect with Stages, it needs a way to authenticate itself. This can be done with API-tokens.

Stages generates its API tokens on the basis of a unique secret that can only be set by the Stages administrator. This should be a random string value with at least 32 characters. This value should be stored in the file conf/secret.properties like this:

apitoken.secret = <value>

In the conf/config.xml file the following configuration property needs to be declared:

<property name="restapi.apitoken.secret" value="${apitoken.secret}"/>

After that, a service restart is necessary.