By default, when using your own authentication token, you have all permissions available. However, it's possible to grant specific permissions to other users on your account or 'ask' people to grant you permissions by the same process. This allows you to perform certain actions on their behalf, based on the granted permissions. this may be useful to create an app to allow user to add image to their favorites for example.
The following route isnt part of the API but is more like a functionality of the website.
Prompt a user to give you permissions over their account.
Prompt a user to revoke permissions over their account.