What are the requirements to execute REST API calls?

All REST Call Services use Basic Authentication. 

Basic Authentication is equivalent to have a local username and password to authenticate to when the REST call is executed. This user is stored locally in sys_user table or it maybe also, an LDAP user.

The user executing the REST call must have all the privileges to access the record defined by the REST end point.

If you need it, you can create a local user for the REST interaction.

REST API security