Is this a support feature & is it something that we should be using? It seems like it would be ideal for provisioning nodes, if it does what I think it does…
This used to work, but it got broken when we made request validation more strict (github issue).
In any case, doing this is not recommended, and with LoRaWAN 1.1 and our upcoming v3 backend we will no longer be able to provide this feature at all. You should really consider using a more secure device commissioning procedure that generates unique keys for each device, registers the device into the application and flashes the keys into the device (or preferably the device’s secure element).