To make it work “Allow basic auth” has to be activated and user/pw has to be entered in the config.yml.
Alternatively you can now generate API tokens and use them to authorize access.
In the UI click on your profile in the lower-left corner, scroll down and click on the Create API Token button:
Then fill in the details (use habapp as the token name, for instance, and admin as scope):
The token shown is your username and the password must remain blank.
In that case there is no need to enable basic auth - you just have to use the token instead of your own username/password.
If you ever need to revoke the token you go to your profile page again and click on the red icon:
