You can also check the effective configuration for the device, whether passwords are set at each level.

The endpoint to read the device PIN configuration is GET /api/v2/Smart/Device/{SDV_xxx}/DevicePinConfig.

Request
POST /api/v2/Smart/Device/SDV_8ZKMSAQ30VNH1WE6EGFJCCG4BCSAML/DevicePin HTTP/1.1
Host: connect-testing.secupay-ag.de
Authorization: Bearer qb56tjj1bcvo9n2nj4u38k84lo
Accept: application/json

If the Smart Device ID is valid, the API responds with 200 OK, and the requested information:

Response
HTTP/1.1 200 OK
Content-Type: application/json
 
{
"merchant": {
"id": "MRC_CJPC2M1SYRS9WPI4XLIYUUBY6SC9F4",
"auth_password_set": false
},
"store": {
"id": "STO_0SEWAPM1QV8AZWIC3N0BR5JXESKURO",
"auth_password_set": true
},
"smart_device": {
"id": "SDV_8ZKMSAQ30VNH1WE6EGFJCCG4BCSAML",
"auth_password_set": true
}
}

You cannot read the PIN itself, but you can see at which levels one is set.