Tokenless (aka Unsecured)

Certain API calls are unsecured by design. An App can intersperse these calls with secured calls, as necessary.

Defining

Unsecured calls, as indicated in their RAML definition, have a corresponding distinction in their cui.js call definition. Those calls will have a property of cmdType: 'unsecured' .

{ 
    cmd: "countOrganizations",
    cmdType: "unsecured",
    call: "/organization/v3/organizations/count",
    type: "GET",
    accepts: "text/plain" 
}

Calling

An App issues a tokenless call just like a secured call. There is nothing different about the invocation. Cui.js reads the call definition and takes care of building the appropriate Request Header.