Password rules

Retrieve password rules

GET /api/v1/system/password_rules/

Retrieve all the security rules that a password should follow.

Authorization rights: minimum System Admin.

Example request:

GET /api/v1/system/password_rules/ HTTP/1.1
Host: example.com

{}

Example response:

HTTP/1.1 200 OK
Content-Type: "application/json"

{
   "rulesApplyTo": "System, Provisioning, Service Provider Administrator",
   "allowWebAddExternalAuthenticationUsers": false,
   "disallowUserId": false,
   "disallowOldPassword": false,
   "disallowReversedOldPassword": false,
   "restrictMinDigits": true,
   "minDigits": 1,
   "restrictMinUpperCaseLetters": true,
   "minUpperCaseLetters": 1,
   "restrictMinLowerCaseLetters": true,
   "minLowerCaseLetters": 1,
   "restrictMinNonAlphanumericCharacters": false,
   "minNonAlphanumericCharacters": 1,
   "minLength": 6,
   "maxFailedLoginAttempts": 0,
   "passwordExpiresDays": 0,
   "sendLoginDisabledNotifyEmail": false,
   "loginDisabledNotifyEmailAddress": "",
   "disallowRulesModification": false,
   "disallowPreviousPasswords": false,
   "numberOfPreviousPasswords": 1,
   "forcePasswordChangeAfterReset": false
}
Request JSON Object:

  • rulesApplyTo (string) – the levels where the rules will be applied to. See System rules apply to attribute.

  • allowWebAddExternalAuthenticationUsers (boolean) – Allow to create End Users without specifying a password.

  • disallowUserId (boolean) – It is not allowed to have the user if in the password.

  • disallowOldPassword (boolean) – It is not allowed to reuse the current password as new one.

  • disallowReversedOldPassword (boolean) – It is not allowed to reuse the current password in reverse order as new one.

  • restrictMinDigits (boolean) – Restriction on minimum number of Digits enabled.

  • minDigits (integer) – Minimum number of Digits (if enable).

  • restrictMinUpperCaseLetters (boolean) – Restriction on minimum number of Upper Case letters enabled.

  • minUpperCaseLetters (integer) – Minimum number of Upper Case (if enable).

  • restrictMinLowerCaseLetters (boolean) – Restriction on minimum number of Lower Case letters enabled.

  • minLowerCaseLetters (integer) – Minimum number of Lower Case (if enable).

  • restrictMinNonAlphanumericCharacters (boolean) – Restriction on minimum number of Non AlphaNumeric characters enabled.

  • minNonAlphanumericCharacters (integer) – Minimum number of Non AlphaNumeric characters (if enable).

  • minLength (integer) – Minimum length of the password.

  • maxFailedLoginAttempts (integer) – Disable the credentials of the user after X consecutive failed login (0 means never).

  • sendLoginDisabledNotifyEmail (boolean) – Send an email to an admin when a login is disabled.

  • loginDisabledNotifyEmailAddress (string) – email address for the disabled login notification

  • passwordExpiresDays (integer) – The password expired after X days (0 means never).

  • disallowPreviousPasswords (boolean) – It is not allowed to reuse the last X old passwords as new one.

  • numberOfPreviousPasswords (integer) – Number of old passwords checked.

  • disallowRulesModification (boolean) – Indicate if a Group Admin is allowed to modify the rules.

  • forcePasswordChangeAfterReset (boolean) – Forces a password change after reset (only from OCI Rel 22).

Status Codes:

Update password rules

PUT /api/v1/system/password_rules/

Update the security rules that a password should follow for this System.

Authorization Right:minimum System Admin.

Example request:

PUT /api/v1/api/v1/system/password_rules/ HTTP/1.1
Host: example.com
Content-Type: "application/json"

{
   "minDigits": 2,
   "restrictMinLowerCaseLetters": true,
   "minLowerCaseLetters": 2,
   "minLength": 8
}

Example response:

Response:

Similar to GET instance method response.

Response JSON Object:

  • rulesApplyTo (string) – the levels where the rules will be applied to. See System rules apply to attribute.

  • allowWebAddExternalAuthenticationUsers (boolean) – Allow to create users without password in the AS because it will be validated by an external portal.

  • disallowUserId (boolean) – It is not allowed to have the user if in the password.

  • disallowOldPassword (boolean) – It is not allowed to reuse the current password as new one.

  • disallowReversedOldPassword (boolean) – It is not allowed to reuse the current password in reverse order as new one.

  • restrictMinDigits (boolean) – Restriction on minimum number of Digits enabled.

  • minDigits (integer) – Minimum number of Digits (if enable).

  • restrictMinUpperCaseLetters (boolean) – Restriction on minimum number of Upper Case letters enabled.

  • minUpperCaseLetters (integer) – Minimum number of Upper Case (if enable).

  • restrictMinLowerCaseLetters (boolean) – Restriction on minimum number of Lower Case letters enabled.

  • minLowerCaseLetters (integer) – Minimum number of Lower Case (if enable).

  • restrictMinNonAlphanumericCharacters (boolean) – Restriction on minimum number of Non AlphaNumeric characters enabled.

  • minNonAlphanumericCharacters (integer) – Minimum number of Non AlphaNumeric characters (if enable).

  • minLength (integer) – Minimum length of the password.

  • maxFailedLoginAttempts (integer) – Disable the credentials of the user after X consecutive failed login (0 means never).

  • sendLoginDisabledNotifyEmail (boolean) – Send an email to an admin when a login is disabled.

  • loginDisabledNotifyEmailAddress (string) – email address for the disabled login notification (if enable).

  • passwordExpiresDays (integer) – The password expired after X days (0 means never).

  • disallowPreviousPasswords (boolean) – It is not allowed to reuse the last X old passwords as new one.

  • numberOfPreviousPasswords (integer) – Number of old passwords checked (if enable).

  • forcePasswordChangeAfterReset (boolean) – Forces a password change after reset (only from OCI Rel 22).

Status Codes:

  • 200 OK – no error

  • 400 Bad Request – error in the input data, most probably due to incorrect values.