AM Devices API End User Access

nick.hunt · January 23, 2024, 7:58pm

Hello

I am setting up an external end user application and need to have the capability for users to search trusted, mfa, etc. devices. When using the below API as an admin, things work.

https:///am/json/realms/root/users/{{TestUser}}/devices/profile?_prettyPrint=true&_queryFilter=true

But, when trying to do this as an end user / using access_token, I am getting an unauthorized error. Is there a better API to use to get this information?

Thanks
Nick

nick.hunt · January 23, 2024, 8:02pm

Interesting that it actually shows the am config path not the user path when getting an error / unauthorized for this.

{
    "code": 403,
    "reason": "Forbidden",
    "message": "User, id=<fr-uuid>,ou=user,ou=am-config, not authorized."
}