Tokenless (aka Unsecured)

Certain API calls are unsecured by design. An App can intersperse these calls with secured calls, as necessary.


Unsecured calls, as indicated in their RAML definition, have a corresponding distinction in their cui.js call definition. Those calls will have a property of cmdType: 'unsecured' .

    cmd: "countOrganizations",
    cmdType: "unsecured",
    call: "/organization/v3/organizations/count",
    type: "GET",
    accepts: "text/plain" 


An App issues a tokenless call just like a secured call. There is nothing different about the invocation. Cui.js reads the call definition and takes care of building the appropriate Request Header.