Ok, that docs page (which I was not aware) basically contradicts one of my initial statements. Although the endpoint the page mentions is not documented in the Authentication API explorer it does have that page so I’ll need to double-check this situation.