Key Concepts
Authorization (OAuth2)
To allow your application to access Pandora resources, a listener needs to authorize the application to request resources on their behalf. OAuth 2.0 is used for authorization.
Credentials for a standard Pandora account (not developer portal) are used for the authentication step. You should realize that the subscription tier that you are currently using will affect the availability of certain features and playback sources.
An access token will be received, which you can use in conjunction with a device UUID, to query the GraphQL endpoint.
For more information, see OAuth 2.0.