Add some functionality to determine if a given API has been authenticated
Provide an appropriate reply if an unauthenticated API is requested
Add a method to request available APIs

Requests now proxied through HANA where rate limiting is implemented with per-endpoint permissions