In working with Exosite's APIs, I've found a number of consistency issues I would wish to see addressed.
Here is an example of a Postman session with the whitelisting API (documented here: http://docs.exosite.com/tutorials/provisioning/):
In the first screenshot, I am using an expired token. In the second, I am trying to whitelist a device that has already been whitelisted.
The main issue I want to draw your attention to here is that errors are not reported in a consistent format. This makes it essentially impossible to handle errors reliably. I can notice I have received an error and try to deserialize the response to determine what the error is, but maybe the error is reported in some surprising new format, and I'll just have an error reading the error.
As a developer who wants a good user experience for my application, this means many more hours debugging Exosite errors, and increased complexity in handling various failure scenarios gracefully.
I'm hopeful you'll recognize this as an issue and will be willing to take steps to improve consistency in your APIs. Thanks for your attention!