Response and Request workflow.
Every endpoint requires an access token that is given to the user after the "sign in" process, if the token is not valid, has expired, does not exists, the request will return an error referring to the token.
Once the user has its token, it will be able to perform a ton of different actions such as retrieve its information, list its habits, etc.