post https://api.actonsoftware.com/token
Grant Type Password will return two important items.
access_token - Store the returned access token in your application to authenticate the other endpoint requests. The access token expires after 3600 seconds.
refresh_token - Password or Code grant types are limited to 5 authentication attempts per hour. Using the refresh token workflow avoids unneeded access token requests and prevents your application from reaching this limit. The refresh token expires when a new token request is made with the same credentials via any of the Grant Type calls or after one month.