Change OTP token's user via API

Try to do a get first. Check which data is released by the firewall and then adapt your entries with a set. 

So you mean I have to use all tags/data from GET (not only tokenid), change the <user> only and send it back with SET?

Something like that should work. This is the best approach to any API, to simply check, what the product is giving you and alter the data and send it back. 

OK. The <secret> is the main identificator of the token, not <tokenid>. No other tags are needed if you don't want to change them.

Thank you for showing me the way.

Sorry. My mistake - it's not working. There is no error code returned now, but also the operation itself is not proceeded. I'm unable to even change the comment of OTP token, which should be the easiest operation.

Actually there is no <OTPTokens> part in response at all when I use <secret> tag in request:

<?xml version="1.0" encoding="UTF-8"?>
<Response APIVersion="1900.1" IPS_CAT_VER="1">
<Login>
<status>Authentication Successful</status>
</Login>
</Response>

When don't use <secret> tag in request, there is an error code 500:

<?xml version="1.0" encoding="UTF-8"?>
<Response APIVersion="1900.1" IPS_CAT_VER="1">
<Login>
<status>Authentication Successful</status>
</Login>
<OTPTokens transactionid="">
<Status code="500">Operation could not be performed on Entity.</Status>
</OTPTokens>
</Response>

Sorry. My mistake - it's not working. There is no error code returned now, but also the operation itself is not proceeded. I'm unable to even change the comment of OTP token, which should be the easiest operation.

Actually there is no <OTPTokens> part in response at all when I use <secret> tag in request:

<?xml version="1.0" encoding="UTF-8"?>
<Response APIVersion="1900.1" IPS_CAT_VER="1">
<Login>
<status>Authentication Successful</status>
</Login>
</Response>

When don't use <secret> tag in request, there is an error code 500:

<?xml version="1.0" encoding="UTF-8"?>
<Response APIVersion="1900.1" IPS_CAT_VER="1">
<Login>
<status>Authentication Successful</status>
</Login>
<OTPTokens transactionid="">
<Status code="500">Operation could not be performed on Entity.</Status>
</OTPTokens>
</Response>

I think secret and tokenid both required. Please check with them.
Example: 
<Set><OTPTokens><tokenid>d5b3a69c988b43b08811070c214c75b6</tokenid><secret>12345678912345678912345678912344</secret><user>user@domain.com</user></OTPTokens></Set>

Unfortunately it doesn't work. The result is still the same.

    <Status code="500">Operation could not be performed on Entity.</Status>

Check the apiparser.log and the applog.log at the same time to get a better understanding, what actually blocks. 

I was not sending one of the values/xml tags. It looks that in this case really all values are mandatory.

Thank you again for your help.