I'm trying to access the Soti Connect API on our cloud-hosted instance using the Resource Owner grant type as documented at Soti Connect Help: Request Access Token. Here are the steps I've taken:
- Add a new client ID and secret as documented at Global Settings: General --> Security Access
- Add a new local Soti Connect user specifically for API access
- Send a request to https://hostname/Connect/token
I receive an error message that the password must be changed.
error error_description
----- -----------------
access_denied {"errorCode":161,"parameter":"IsPasswordChangeRequired"}
The problem is that we're using Soti Identity for authentication, and disabling that just to change a password seems excessive.
I realize this may be an example of an XY problem, so if there's a better way to do this than to create a local user, I'm interested.