We are pleased to release an new improved API for Soracom Napter which allows for On-Demand Remote Access permissions to be controlled on a per-SIM basis.

With the existing API, Napter On-Demand Remote Access sessions are created by specifying the SIM ID in the body of the API request. The new API places the SIM ID parameter in the URL path instead, making it possible to control remote access to specific SIMs for administrators or field personnel by using path variables when configuring SAM user permissions.

The following APIs can now be used to create On-Demand Remote Access sessions:

• PortMapping:createPortMapping API: SIM ID specified in the request body
• PortMapping:createPortMappingForSim API: SIM ID specified in the request URL path

Since this update introduces a second API for creating remote access sessions, please review the following details to ensure your existing user permissions continue to work as expected.

Required Action: Update SAM User Permissions

1. Check if any of your SAM User, Role, or Default permissions currently specify the existing PortMapping:createPortMapping API (allow or deny).
2. Update each permission to add the new PortMapping:createPortMappingForSim API, following the desired allow or deny behavior.
3. (Optional) If you wish to restrict a user's access to a specific SIM, add a condition to the new PortMapping:createPortMappingForSim API to match the particular SIM, and ensure that the existing PortMapping:createPortMapping API is set to deny.

Please note that if you do not update your permissions, a SAM user whose PortMapping:createPortMapping API permission is currently denied may be able to access Napter using the new PortMapping:createPortMappingForSim API instead.

We recommend updating SAM User, Role, or Default permissions as soon as possible to avoid unexpected behavior.

Additional User Console Updates

On October 9, 2025, the On-Demand Remote Access function in the User Console will be updated to use the new PortMapping:createPortMappingForSim API.

If you do not update SAM user permissions as above, users may encounter the following issues:

• A user who previously could create On-Demand Remote Access sessions may no longer be able to do so until their permission is updated to allow the new API
• A user who previously was not able to create On-Demand Remote Access sessions may be able to do so because their permission has not been updated to deny the new API

We will provide a separate announcement once the User Console has been updated.

If you have any questions, please feel free to contact Soracom Support.