@Seneca - That is correct. I specifically mentioned this at
but it was not addressed. For now you are not allowed to use authentication where it is not needed. (I also mentioned they should stop using 500 for something that is the client’s fault, but many 500’s are still returned).