Sure, they have complete right to safe guard customer data with authentication checks.
But the situation here is that the customer is offering its consent to use their data on another platform or application.
The same holds for rooting android/iphones and making them do what you want. Not getting into legal details, you should own your data across services and your hardware that you buy.
Adding technical barriers is one thing, suing and interdependent group of people trying to learn the API and building tools on top is completely unfair.
But the situation here is that the customer is offering its consent to use their data on another platform or application.
The same holds for rooting android/iphones and making them do what you want. Not getting into legal details, you should own your data across services and your hardware that you buy.
Adding technical barriers is one thing, suing and interdependent group of people trying to learn the API and building tools on top is completely unfair.