Unauthenticated callers
An unauthenticated caller is a user or service who provides no authentication information. Unauthenticated callers can access only metadata endpoints. Unauthenticated callers are typically callers who need information about the system APIs only.
This topic describes how to implement system API authentication for unauthenticated callers.
Note: Anonymous users start out as unauthenticated callers. This topic focuses on
unauthenticated callers who remain unauthenticated and who request system API metadata only.
For more information about anonymous users, see OAuth2 authorization code flow: Anonymous users.