Nothing needs to be done here. As long as your eZ Publish 5 is correctly configured, the REST API is available on your site using the URI
/api/ezp/v2/. If you have installed eZ Publish in a subfolder, it prepend the path with this subfolder: http://example.com/sub/folder/ezpublish/api/ezp/v2/.
As explained in details in the authentication chapter of this documentation, two authentication methods are currently supported: session, and basic. The API is currently limited to one or the other. By default, basic authentication is the active mode. It requires a login / password to be sent using basic HTTP authentication. The alternative, session based authentication, uses a session cookie.
To enable session based authentication, you need to edit
app/config/security.yml, and comment out / remove the configuration block about REST
Testing the API
A standard web browser is unfortunately not sufficient to really test the API. You can however try opening the root resource with it, using basic authentication: http://admin:firstname.lastname@example.org/api/ezp/v2/. Depending on how your browser understands XML, it will either download the XML file, or open it in the browser.
In order to test it, just save this code to some test.html file in the web folder of your eZ Publish 5 installation. If you use the rewrite rules, don't forget to allow this file to be served directly.
If necessary, change 59 with the content object id of an object from your database. You will get the ContentInfo for object 59 in JSON.
Note that by default, basic authentication is used. You can either add a valid login/password in the URI, or submit them when asked to by the browser. An alternative is to switch to session based authentication, as explained earlier in this page. In that case, the session cookie will be transparently sent together with the request, and every AJAX call will have the same permissions as the currently logged in user.