FordPass account locked while using API

[flatsheep]

Hi

I had successfully implemented a small app using the API, when suddenly the authentication failed, I also received an email from Ford/IBM saying my account had been locked. The error code when logging in via the website/FordPass App was "CSIAH0320E". From Googling around, people are saying Ford doesn't allow 3rd party apps to log in without their consent. This is crazy, as they have a developer program, which I had signed up for.

It may be worthwhile adding a disclaimer that your account could be locked using this API, or provide guidance on how to prevent your account being locked using this API. For the moment, I'm awaiting on Ford unlocking my account.

Kind regards

Dave

[HKLM]

Ford (just like any other company with a API) logs all bad requests and monitors that to determine if they are (or a user of their system is) being hacked. When you send data to the API, if it is not 100% in the correct way, that will get their attention. Remember, all users who are using the FordPass app, will never make a bad request to the API.
My advice, is if you are going to play around with this, try to limit what you do send, especially if you are getting "bad request" type messages. When you send a lot of bad request traffic, it shows up in the log files.

11/10/2022 7:32:20 PM - Bad Request from IP 192.168.1.1
11/10/2022 7:33:11 PM - Bad Request from IP 192.168.1.1
11/10/2022 7:33:54 PM - Bad Request from IP 192.168.1.1
...

But if you spread it out over time, it will not be soo noticeable. Just 1 log entire out of hundreds and your prob be ok.