I’ve been working with the (source.developer.comodo.com/frontend/web/topic/get-devices-mdm-tokens-assigned-to-device-group) assigned to a specific device group using the endpoint /api/rest/v1/device-group/assigned-device-mdm-tokens-list. While following the documentation, I encountered some issues that I can’t seem to resolve.
Here’s the setup and what I’ve tried:
- I’m using the GET method with the required headers: Content-Type, x-auth-type, and x-auth-token. The request URL is formatted as described, including the required id parameter for the group.
- The x-auth-token is generated using the Comodo authentication service, and token validation confirms it’s active.
- The API consistently returns a 400 Bad Request or 403 Forbidden error, depending on the headers used, even though the token and group ID are valid.
Here’s a sample of the request I’m sending (Python):
import http.client
conn = http.client.HTTPSConnection("subdomain-msp.env.comodo.com")
headers = {
'content-type': "application/json",
'x-auth-type': "4",
'x-auth-token': "valid_auth_token_here",
'cache-control': "no-cache",
}
conn.request("GET", "/api/rest/v1/device-group/assigned-device-mdm-tokens-list?id=1", headers=headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
Despite double-checking the endpoint, token, and headers, I still can’t retrieve the data. Here are some questions I have:
- Could there be additional permissions or roles required for the API token that aren’t mentioned in the documentation?
- Does the group ID format need to follow any specific structure (e.g., UUID, numeric ID)?
- Could the Content-Type header or other parameters cause compatibility issues?
- Are there specific scenarios where the API might return 403 Forbidden despite having a valid token?
If anyone has experience with this API or has encountered similar issues, I’d appreciate your help in troubleshooting this. Thank you!