What is User Authentication?

Without a way to identify users, your REST API could allow users to create new data, without distinguishing which data was created by which users.

This is probably not what you or your users would expect. By default, you'd likely expect a user to be able to view anyone's data (depending on what that data is) but to only be able to modify their data. To do this, your application needs to supp...