The Opendate API provides 3 endpoints to manage user authentication:

Log In: Use the client_id, client_secret, email, and password to retrieve a new Bearer token. Also provides a refresh_token to automatically renew the token.

Log Out: Invalidate a previously authenticated Bearer token so that it may not be used to make any additional requests

Refresh Token: Bearer tokens are valid for 60 days. After they have expired, the user must login to the application once again. The token may be renewed automatically using the refresh_token to retrieve a new token valid for an additional 60 days.