Most calls to the MoneyMoov API require authentication with a JSON Web Token (JWT). The API uses two types of access tokens:

Merchant Access Token — A machine-to-machine token for server-to-server integrations with the NoFrixion API. You can scope each token with granular permissions (e.g., CreatePayout). See the Merchant Token docs for details.
OAuth 2.0 Access Token — Still available for integrations that act on behalf of a user or require interactive consent via the NoFrixion Identity Server. To authorise a payout, you must have multi-factor authentication (MFA) enabled to satisfy Strong Customer Authentication (SCA) requirements.

Note: If you do not want to create your own app and go through the process of OAuth integration, then you can simply use the NoFrixion portal to test on sandbox. You can create access tokens on the portal for your convenience.