How to force Authentication on REST API for Password protected page using custom table and fetch() without Plugin

I am implementing the REST API with fetch() promises as requests on a Password protected page with a custom table without using a plugin (only using the WP REST API that has been merged into WordPress core – thumbs up 👍 WordPress team, that was a smart move, thank you).

Dynamic Endpoints

I have a database table outside WordPress that I need to make endpoints for. I’ve created a page /cars/ where I plan on using a page template to generate links. I would like for the url to look like /cars/camaro/ ( /cars/%model%/ ). Originally I thought I could do it with endpoints but wasn’t sure how to make them dynamic based off of the slug pulled from the Model Table. I also wasn’t sure if it would be easier using Permalink Structure tags or which was better.