SD redirects calls to any plugin's REST endpoints to /servicedesk/customer/portal/1

We have a plugin that injects some javascript into SD customer portal. This plugin embellishes some custom fields with HTML generated based on REST calls to the plugin's REST endpoints.

Our customer reported that their 'customer' users do not the proper embellishments, instead they get some Javascript error. It turned out that when a user who is not in jira-users (an SD 'customer') is accessing the page with our plugin on it, the plugin makes a REST call that gets 302-redirected to /servicedesk/customer/portal/1. Which means that everything gets broken. Adding @AnonymousAllowed annotation to the plugin's endpoint does not help, as it only works when the user is actually not logged-in. When they log in, apparently SD servlet filter (or whatever) redirects blindly to a bad place.

This is breaking our plugin in very bad ways and we are likely losing sales because of this.

Are there any workarounds for this behaviour? I have tried injecting a serlet filter, but it is not being invoked.

The plugin in question is https://marketplace.atlassian.com/plugins/com.spartez.jira.plugins.ephor-for-jira, but the behaviour can be trivially reproduced with any plugin that has a REST endpoint. Just log in as an SD 'customer' and go to plugin's REST endpoint