Quest re rest scopes and global theme rest calls

In 12.1 rest scopes have been introduced which limit access to rest calls 

In the UX these are normally added to a widget in the main config panel as below 

We have some js to replace the std tag editor on a site so we no longer call + "api.ashx/v2/aggregatetags.json",

but use a custom endpoint + "api.ashx/v2/subtopic/listAsTags.json?

When the legacy option "Enable all REST scopes for the user interface" is disabled this if failing with the pop message as below 

I realise we can add custom scopes to the custom rest endpoint as per the new developer documentation  

My question is how/where do we flag these endpoints as safe as per the core one used for tag lookups when the call is made from events in theme js? 

Parents Reply Children