We are using 1IM to generate a passcode for a new user which will be then published in Password Manager i.e.
https://PMTest.domain.local/PMUser/ws/setpasscode?user=[sAMAccountName]&domain=[ADDomain]&passcode=5yth567x
This works fine and the user in question could use the OTP.
The account which is used to authenticate to the password manager executing the Web-Service can be “standard end-user” who is not member of the Helpdesk group and the new passcode would be assigned properly.
Anyone a clue how to secure the web-call in a way that only members of the Password Manager Helpdesk group are allowed to perform this action?