An important announcement for the JIRA Service Desk developers out there,

The issueLinkType resource in the JIRA REST API can no longer be accessed anonymously. This resource will now return a 400 error, if the user does not have the BROWSE_PROJECT permission for at least one project in the instance.

We have made this change for security reasons. Custom issue links can actually expose internal data, therefore allowing anonymous access to the issueLinkType resource is a security vulnerability.

Cheers,
The JIRA Service Desk team