Grant-Type Password provides an access_token and refresh_token. The access_token is specific to the account which the user/password belongs to. Limited to 5 authentication attempts per hour.

access_token - Expires after 3600 seconds. Used in all non-auth endpoints to access account data.

refresh_token - Expires when a new refresh_token is requested using the same credentials or after 30 days. The refresh token can only be used in the Grant-Type Refresh endpoint and is used in place of a username/password or access code.

Access your account's Client ID and Client Secret by going to Settings > Other Settings > Custom Account Settings > API Access Keys.