The Authentication API allows authentication to all Index APIs except the Client Audit Logs API and the Publisher API, which have their own authentication methods. The Authentication API issues an access token and a refresh token. Both tokens are encrypted JSON web tokens (JWT) and have expiration times. You can use the Authentication API to access APIs using a user account or a service account. For more information about these accounts, see Authentication methods.