This issue is identified as a bug (230545). Blue Coat plans to resolve this issue (current expected in service update 6.8.5.1). Continue to check the release notes for this resolution.
Workaround
Generate the One Time Password by appending an IP parameter to the URL request. For example:
&ip=8.8.8.8.
Consider the following sample URL.
http://portal.threatpulse.com:8080/api/locations?name=Store10&type=cert-firewall&ip=8.8.8.8
Changes the location name (Store10). The IP can be any address because it will be ignored.