Hi @matthias ,
We’ve chosen to deprecate this in 3 months rather than our usual 6 months as OAuth scopes are not correctly enforced on these APIs and the use of user-generated content within the URI as part of the attachment name leaves a larger surface area for exploitable vulnerabilities. To ensure we close security gaps within an acceptable timeframe, we’ve chosen to shorten the deprecation period.
These APIs also do not come under the standard deprecation policy as they are not officially supported as part of our public REST API documentation
However, we understand the deprecated APIs have existed for a long time so we would like to give consumers ample time to migrate to the new endpoints. If for any reason there are unexpected issues with migration, we are happy to revisit the 3-month deprecation period.