Currently, it is possible to execute delete any TD from the directory performinig a DELETE operation in the /things endpoint. I imagine that this is not the desired behavior, since an access token is needed to create (POST /things) or to update (PUT /things) a given TD.
Also, the PATCH endpoint does not require credentials.
Currently, it is possible to execute delete any TD from the directory performinig a DELETE operation in the
/things
endpoint. I imagine that this is not the desired behavior, since an access token is needed to create (POST/things
) or to update (PUT/things
) a given TD.Also, the PATCH endpoint does not require credentials.