AUTHENTICATION: All GET endpoints can be accessed without authentication, but some parameters (which might cause complex or time-consuming queries) require authentication, as well as all POST/PATCH/DELETE endpoints that change data.

You can authenticate a request in 2 ways:

1. By providing an e-mail and password with HTTP Basic authentication or
2. Including a session token in the Authorization header with the value Bearer: <token>. Use this if you are authorizing a session on behalf of a user. You can obtain a session token at /users/sign_in; See the authentication section below for details.