Thanks for the quick response.
Please can you guide where we might be missing Authorisation? Do we need to override this API in our application and how to do it with less impact on overall functionality?
Unauthenticated users were able to retrieve the contents of the tenants and paged tenants. https://myhost/api/saas/tenants
How to Secure this in our application?