To get an API token for your app, so it can use the SOAP and REST APIs, it must pass the AppExchange security review. You can then log a case in the Partner Portal under the category. You need to specify the type of token (SOAP or API) and if you are using OAuth.