I am using the rally API key for authentication of the rest services. Services get authenticated with any API key that starts with underscore (_). Looks like API key is validated by checking whether it starts with underscore or not.
Is this correct or Is it a bug in rest service authentication.?
Api key is generated at https://rally1.rallydev.com/login/accounts/index.html#/keys