Posted on 11-30-2023 06:50 AM
I am working on a script to automate naming, renaming, and name enforcement for our mobile devices. The script uses an API call to send the rename command to devices that don't meet our naming convention. I use this call all the time. It works perfectly from my account with full admin rights. However, when I run the script with my API management account which has limited rights the command fails with the following message:
<html>
<head>
<title>Status page</title>
</head>
<body style="font-family: sans-serif;">
<p style="font-size: 1.2em;font-weight: bold;margin: 1em 0px;">Unauthorized</p>
<p>The request requires user authentication</p>
<p>You can get technical details <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">here</a>.<br>
Please continue your visit at our <a href="/">home page</a>.
</p>
</body>
</html>
I have Send Mobile Device Set Device Name Command permission enabled for the account. The account also has permission to view and modify mobile devices. Does anyone know what other permissions are needed to run this command? Here is the command I am using:
curl -X POST "$server/JSSResource/mobiledevicecommands/command/DeviceName/$deviceName/id/$deviceID" -H "Accept: text/xml" -H "Authorization: Bearer $jss_token"
Solved! Go to Solution.
11-30-2023 10:48 AM - edited 11-30-2023 10:49 AM
It looks like from here that also the "Create - Mobile Devices" permission is necessary. I'd probably try adding the "Read - Mobile Devices" permission as well if just adding the first doesn't work.
11-30-2023 10:48 AM - edited 11-30-2023 10:49 AM
It looks like from here that also the "Create - Mobile Devices" permission is necessary. I'd probably try adding the "Read - Mobile Devices" permission as well if just adding the first doesn't work.
Posted on 11-30-2023 12:48 PM
Thanks, Matthew. That did the trick.