SOTI Pulse Logo

Accessing Soti Connect API

Solved
J
Jeremy

I'm trying to access the Soti Connect API on our cloud-hosted instance using the Resource Owner grant type as documented at Soti Connect Help: Request Access Token. Here are the steps I've taken:

  1. Add a new client ID and secret as documented at Global Settings: General --> Security Access
  2. Add a new local Soti Connect user specifically for API access
  3. Send a request to https://hostname/Connect/token

I receive an error message that the password must be changed.

error         error_description
-----         -----------------
access_denied {"errorCode":161,"parameter":"IsPasswordChangeRequired"}

The problem is that we're using Soti Identity for authentication, and disabling that just to change a password seems excessive.

I realize this may be an example of an XY problem, so if there's a better way to do this than to create a local user, I'm interested.

a year ago
SOTI Connect
ANSWERS
J
Jeremy
a year ago

Update 2: Just like MobiControl, there is a way to bypass SSO for Soti Connect. Just browse to your Soti Connect url like this: https://sc****.soticonnect.com/Connect/#/login

Update: I ended up contacting Soti support for this issue, and the immediate workaround was to temporarily disable Soti Identity SSO in order to be able to access the local Soti Connect login and password change pages.

If you do this, note the following things:

  • Ensure you have an active administrator user
  • Switching from Soti Identity authentication to Soti Connect authentication does not clear the URL, Client ID, and Client Secret. Those are stored even when Soti Identity authentication is not chosen.
  • Switching back to Soti Identity authentication is trivial; just log in as an administrator, choose Soti Identity, and press Save. There's no need to re-enter your Client ID and Client Secret.

Many thanks to Sneh from the Technical Support team!

Solution
P
PMMOD@SOTI
a year ago

Hi Jeremy,

 

We're glad you've been able to find a solution. Please let us know if there are any other details or links we can assist you with, and then we can close it at our end

 

Please let us know so we can proceed further accordingly.

Similar Discussions