We are aware of the issue and are investigating. Would everyone affected by this mind sending me phone numbers by email? We might need to get in touch personally.
The new site (and, in particular, the login page) is using AngularJS on the frontend. Angular supports security features to prevent cross-site request forgery. So there are 2 reasons your automated form submission scripts are likely failing:
The login data is encoded as json, rather than “form-encoded” as it was in the past. (In addition to encoding the form data as json, you must include a header identifying the content-type correctly).
The CSRF/XSRF protection requires that a header named X-XSRF-TOKEN be included in the login request header with a value the same as the XSRF-TOKEN cookie.
These changes represent increased security, which is a good thing, and worth a little work to support.
We’ll be releasing a patch to the login process that should make your scripts work without much modifications.
When you login on the new version of the site in a browser the url takes you to https://www.portfolio123.com/app/auth, but for scripts you’ll have to use the old url: https://www.portfolio123.com/login.jsp". POST your credentials to that url. The response from that request will not be html - it’s just “OK” on successful login or the error message on failure.