We are providing CA TDM api access to an external team and right now we are providing token based API ,
is there a way that we can avoid the token based API and only provide them the API with authorization using user id and password?

TDM Portal 4.9.1

Currently, the TDM Product requires a Token to access API calls after an Authentication process has occurred.

Just providing this API is not enough.  
The client needs to provide the authentication API (with userid and password) and then they need to save the token that comes back from this API and add it to the Generator API.
Use APIs to Prepare Test Data for Non-Relational Sources (broadcom.com)

One suggestion would be to pre-configure the Puzey Powershell generator .bat/.json and provide that to the Informatica team.  
The TDM team would configure an ID/pswd combo specific for the external group.

That PowerShell routine takes care of both the authentication & invoking the generator

An example of this is attached below:
1643135225067__TDMAPIDataGenExample.zip

Another possible workaround would be for the Informatica team to create some Java code to do the authentication and API calls.
An example of this is attached below:
1643135238482__FindAndReserverProject.txt