User Password Rules

GET /api/v1/mngt/user_password_rules/

Retrieve password rules that apply for a user (of any type) that the authenticated user can manage.

Example request:

GET /api/v1/mngt/user_password_rules/ HTTP/1.1
Host: example.com
Content-Type: application/json

{
   "username": "ApioUser11"
}
Request JSON Object:
  • username (optional) (string) – the username of the user. Mutually exclusive with phoneNumber. If none is provided, the info returned is that of the authenticated user.

  • phoneNumber (optional) (string) – the phone number of the user. Mutually exclusive with username. If none is provided, the info returned is that of the authenticated user.

Example response:

HTTP/1.1 200 OK
Content-Type: application/json

{
   "disallowUserId": false,
   "disallowOldPassword": false,
   "disallowReversedOldPassword": false,
   "restrictMinDigits": false,
   "minDigits": 1,
   "restrictMinUpperCaseLetters": false,
   "minUpperCaseLetters": 1,
   "restrictMinLowerCaseLetters": false,
   "minLowerCaseLetters": 1,
   "restrictMinNonAlphanumericCharacters": false,
   "minNonAlphanumericCharacters": 1,
   "minLength": 6,
   "maxFailedLoginAttempts": 0,
   "passwordExpiresDays": 0,
   "sendLoginDisabledNotifyEmail": false,
   "disallowPreviousPasswords": false,
   "numberOfPreviousPasswords": 1,
   "forcePasswordChangeAfterReset": false
}
Response JSON Object:
  • disallowUserId (boolean) – The password may not contain the user ID.

  • disallowOldPassword (boolean) – The current password may not be reused as the new one.

  • disallowReversedOldPassword (boolean) – The current password in reverse order may not be used as the new one.

  • restrictMinDigits (boolean) – Restriction on the minimum number of digits is enabled.

  • minDigits (integer) – Minimum number of digits (if enabled).

  • restrictMinUpperCaseLetters (boolean) – Restriction on the minimum number of upper-case letters is enabled.

  • minUpperCaseLetters (integer) – Minimum number of upper-case letters (if enabled).

  • restrictMinLowerCaseLetters (boolean) – Restriction on the minimum number of lower-case letters is enabled.

  • minLowerCaseLetters (integer) – Minimum number of lower-case letters (if enabled).

  • restrictMinNonAlphanumericCharacters (boolean) – Restriction on the minimum number of non-alphanumeric characters is enabled.

  • minNonAlphanumericCharacters (integer) – Minimum number of non-alphanumeric characters (if enabled).

  • minLength (integer) – Minimum length of the password.

  • maxFailedLoginAttempts (integer) – Disable the credentials of the user after X consecutive failed logins (0 means never).

  • sendLoginDisabledNotifyEmail (boolean) – Send an email to an admin when a login is disabled.

  • loginDisabledNotifyEmailAddress (string) – Email address for the disabled login notification (if enabled).

  • passwordExpiresDays (integer) – The password expires after X days (0 means never).

  • disallowPreviousPasswords (boolean) – The last X old passwords may not be reused as the new one.

  • numberOfPreviousPasswords (integer) – Number of old passwords checked (if enabled).

  • forcePasswordChangeAfterReset (boolean) – Forces a password change after reset (only from OCI Rel 22).

Status Codes:
  • 200 OK – no error

  • 404 Not Found – user not found or not allowed to be managed by the authenticated user (to avoid user enumeration)

Note: the rules may vary slightly (some present, others not) depending on the type of user.

Own Password Rules

GET /api/v1/session/user_password_rules/

Retrieve password rules that apply to the authenticated user.

Example request:

GET /api/v1/session/user_password_rules/ HTTP/1.1
Host: example.com
Content-Type: application/json

{
}

Example response:

HTTP/1.1 200 OK
Content-Type: application/json

{
   "disallowUserId": false,
   "disallowOldPassword": false,
   "disallowReversedOldPassword": false,
   "restrictMinDigits": false,
   "minDigits": 1,
   "restrictMinUpperCaseLetters": false,
   "minUpperCaseLetters": 1,
   "restrictMinLowerCaseLetters": false,
   "minLowerCaseLetters": 1,
   "restrictMinNonAlphanumericCharacters": false,
   "minNonAlphanumericCharacters": 1,
   "minLength": 6,
   "maxFailedLoginAttempts": 0,
   "passwordExpiresDays": 0,
   "sendLoginDisabledNotifyEmail": false,
   "disallowPreviousPasswords": false,
   "numberOfPreviousPasswords": 1,
   "forcePasswordChangeAfterReset": false
}
Response JSON Object:
  • disallowUserId (boolean) – The password may not contain the user ID.

  • disallowOldPassword (boolean) – The current password may not be reused as the new one.

  • disallowReversedOldPassword (boolean) – The current password in reverse order may not be used as the new one.

  • restrictMinDigits (boolean) – Restriction on the minimum number of digits is enabled.

  • minDigits (integer) – Minimum number of digits (if enabled).

  • restrictMinUpperCaseLetters (boolean) – Restriction on the minimum number of upper-case letters is enabled.

  • minUpperCaseLetters (integer) – Minimum number of upper-case letters (if enabled).

  • restrictMinLowerCaseLetters (boolean) – Restriction on the minimum number of lower-case letters is enabled.

  • minLowerCaseLetters (integer) – Minimum number of lower-case letters (if enabled).

  • restrictMinNonAlphanumericCharacters (boolean) – Restriction on the minimum number of non-alphanumeric characters is enabled.

  • minNonAlphanumericCharacters (integer) – Minimum number of non-alphanumeric characters (if enabled).

  • minLength (integer) – Minimum length of the password.

  • maxFailedLoginAttempts (integer) – Disable the credentials of the user after X consecutive failed logins (0 means never).

  • sendLoginDisabledNotifyEmail (boolean) – Send an email to an admin when a login is disabled.

  • loginDisabledNotifyEmailAddress (string) – Email address for the disabled login notification (if enabled).

  • passwordExpiresDays (integer) – The password expires after X days (0 means never).

  • disallowPreviousPasswords (boolean) – The last X old passwords may not be reused as the new one.

  • numberOfPreviousPasswords (integer) – Number of old passwords checked (if enabled).

  • forcePasswordChangeAfterReset (boolean) – Forces a password change after reset (only from OCI Rel 22).

Status Codes:
  • 200 OK – no error

  • 404 Not Found – user not found or not allowed to be managed by the authenticated user (to avoid user enumeration)

Note: the rules may vary slightly (some present, others not) depending on the type of user.
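
An added example, not part of the original API documentation: one way a client could pre-check a candidate password against the rules object returned by either endpoint above, including the case where some keys are absent. The function name, the constructed rule sets, the character-class predicates and the case-insensitive user ID match are assumptions; the server's own classification may differ.

```python
# Added example: client-side pre-check against a password-rules object.
# Character classes and case-insensitive user ID matching are assumptions.

# Constructed rule set; some keys are absent on purpose (rules vary by user type).
STRICT_RULES = {
    "disallowUserId": True,
    "disallowOldPassword": True,
    "disallowReversedOldPassword": True,
    "restrictMinDigits": True, "minDigits": 2,
    "restrictMinUpperCaseLetters": True, "minUpperCaseLetters": 1,
    "minLength": 10,
}
# Subset of the example response on this page: counts are set but not enforced.
PAGE_RULES = {"restrictMinDigits": False, "minDigits": 1, "minLength": 6}

# (enable flag, minimum-count key, character predicate)
CLASSES = [
    ("restrictMinDigits", "minDigits", str.isdigit),
    ("restrictMinUpperCaseLetters", "minUpperCaseLetters", str.isupper),
    ("restrictMinLowerCaseLetters", "minLowerCaseLetters", str.islower),
    ("restrictMinNonAlphanumericCharacters", "minNonAlphanumericCharacters",
     lambda ch: not ch.isalnum()),
]

def check_password(rules, candidate, user_id=None, current_password=None):
    """Return the names of the rules the candidate violates (empty list = pass)."""
    violations = []
    if len(candidate) < rules.get("minLength", 0):
        violations.append("minLength")
    # A min* count applies only when its restrict* flag is present and true.
    for flag, minimum, matches in CLASSES:
        if rules.get(flag, False):
            if sum(1 for ch in candidate if matches(ch)) < rules.get(minimum, 0):
                violations.append(minimum)
    if rules.get("disallowUserId") and user_id and user_id.lower() in candidate.lower():
        violations.append("disallowUserId")
    if current_password is not None:
        if rules.get("disallowOldPassword") and candidate == current_password:
            violations.append("disallowOldPassword")
        if rules.get("disallowReversedOldPassword") and candidate == current_password[::-1]:
            violations.append("disallowReversedOldPassword")
    # disallowPreviousPasswords needs the server's password history; not checked here.
    return violations

if __name__ == "__main__":
    print(check_password(STRICT_RULES, "ApioUser11x", user_id="ApioUser11"))
    print(check_password(PAGE_RULES, "abcdef"))
```

A pre-check like this only improves user feedback; the server remains the authority on whether a password is accepted.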