FYI, the problem here seems to be that when not query is passed (a section request) to the search endpoint in a private request, the first thing we do is verify auth and if it fails, return a 401.
Meanwhile, if a filter is given (like a name), we filter at a deeper level (snapident) without returning authenticated/private results if auth is not ok or missing (and without raising an error).
FYI, the problem here seems to be that when not query is passed (a section request) to the search endpoint in a private request, the first thing we do is verify auth and if it fails, return a 401. private results if auth is not ok or missing (and without raising an error).
Meanwhile, if a filter is given (like a name), we filter at a deeper level (snapident) without returning authenticated/