Overview
Once access has been granted to a sandbox instance URL, login credentials will be configured for you (the client). An access token is obtained through a PUT request to the /token endpoint and can later be destroyed through a DELETE request to the same endpoint. There are multiple valid login request body formats in order to receive an access token as explained in the Get Access Token API documentation.
All requests except login require the authorization token that is returned by a login call to /token. This token must be copied to a header parameter named "token". The following is an example authentication header.