I just tested again and it worked fine for me. Since obviously users who are registering themselves won’t have a valid session_id, are you certain you’ve set up Guest Access with a role that may POST to /rest/system/user?
Here was my call:
POST /rest/system/user?send_invite=true
JSON
{
"email": "user@example.com"
}
I received my invitation email almost immediately (in my test I POSTed a real email address).
If I disable Guest Access, I do receive this:
401 Unauthorized "There is no valid session for the current request."
And if I re-enable Guest Access but with a role that’s not configured properly, I receive this:
403 Forbidden "Access to application 'appname' is not provisioned for this user's role."