Incorrect error message when triggering a pipeline with a nonexistent token.

Execute this command:

curl -X POST -F ref=master -F token=NOTATOKEN "https://gitlab.com/api/v4/projects/BuggyMcBugface%2FTriggerFail/trigger/pipeline"

• Output: {"message":"404 Not Found"}
• Expected output: Something like "access denied" or "invalid token" would seem to make sense...

Removing the token field entirely gets you a more sensible response: {"error":"token is missing"}.

I'm also a little puzzled about why one of these errors is returned as a "message", and the other as an "error"...

Note that the project/pipeline in question is public: https://gitlab.com/BuggyMcBugface/TriggerFail/pipelines

Note also that adding a personal access token for this user to the header does not change the output:

curl -X POST  --header "Private-Token: $TOKEN" -F ref=master -F token=NOTATOKEN "https://gitlab.com/api/v4/projects/BuggyMcBugface%2FTriggerFail/trigger/pipeline"

(Note also that I created this user/project just to file bugs in the API, so including the token isn't a problem ;) )