Admin API-token - This is an OAuth2 bearer token that can be used for third parties to access a project's endpoints. It is available on the User Management page. It expires after 15 minutes and needs to be regenerated.
Test tokens - When a project is published, a cURL command is generated that contains a test token for testing an API call. It expires in 24 hours.