There is a need to create a new user that only has/needs access to the API. Question being is it possible to achieve this if part of the new user registration is to change the password after login via the GUI? I only ask because I set up a few test accounts. One that does not restrict the GUI and one that does. On the one that does not they would be required to register a VIP cred since I have that enforced globally. In parallel to that there is a little script that I use to see if API functionality is working properly. The user with with no GUI restriction can execute the API call with no hiccups after the full registration process. The user with a GUI restriction returns a 409 conflict error.
At this point I don't care if I have to enable access to the GUI and have the requester go through the full VIP registration process. I just want to know what's going on with the user who does have a GUI restriction.