There are multiple ways to authenticate to Salesforce SOAP and REST APIs. Usually the recommended way is to authenticate to REST API is by using OAuth and creating a connected app in Salesforce. Please check the article Using curl to authenticate to Salesforce REST API to see an example.
There is an easy way to bypass OAuth and directly use username+password combination to authenticate against Salesforce SOAP and REST APIs. It is by making SOAP login call. It will return an session Id that you can use against Salesforce SOAP and REST APIs as access token.
Getting access token with username, password and security token
You need make a HTTP call using below format. This is basically sending a login
SOAP request. Make sure to use your username, password and security token in line 12 and 13.
Also if you are accessing a Salesforce sandbox base part of the URL changes to https://test
.salesforce.com
You can see that the API response contains sessionId
tag. You can use this sessionId to call Salesforce SOAP or REST apis.
Checkout below example of accessing Salesforce Rest API with the session Id. Make sure to use your session ID in authorization header and your base endpoint instead of https://salesforcecodestest-dev-ed.my.salesforce.com.
This method allows you to access Salesforce REST and SOAP apis without a client ID and secret. This is intended for server to server communication. If you use it in a client side app, you will see CORS errors.