Tenant Device Profile Authentication Password Rules

Retrieve Device Profile password rules

GET /api/v1/tenants/(string: tenant_id)/device_password_rules/

Retrieve all the service provider level device profile authentication password rule settings

Authorization rights: minimum System Admin.

Example request:

GET /api/v1/tenants/fooTenant/device_password_rules/ HTTP/1.1
Host: example.com

{}

Example response:

HTTP/1.1 200 OK
Content-Type: "application/json"

{
   "useTenantSettings": true,
       "disallowAuthenticationName": true,
       "disallowOldPassword": false,
       "restrictMinDigits": true,
       "disallowReversedOldPassword": false,
       "minDigits": 1,
       "restrictMinUpperCaseLetters": false,
       "minUpperCaseLetters": 1,
       "restrictMinLowerCaseLetters": true,
       "minLowerCaseLetters": 1,
       "restrictMinNonAlphanumericCharacters": true,
       "minNonAlphanumericCharacters": 1,
       "minLength": 6,
       "sendPermanentLockoutNotification": false,
       "permanentLockoutNotifyEmailAddress": "",
       "deviceProfileAuthenticationLockoutType": "None",
       "deviceProfileTemporaryLockoutThreshold": 5,
       "deviceProfileWaitAlgorithm": "Double",
       "deviceProfileLockoutFixedMinutes": 5,
       "deviceProfilePermanentLockoutThreshold": 5
}

Response JSON Object:

• useTenantSettings (boolean) – if true Use Service Provider Settings else use System Settings

• disallowAuthenticationName (boolean) – It is not allowed to have the the authentication user name into password

• disallowOldPassword (boolean) – It is not allowed the old password

• restrictMinDigits (boolean) – Restriction on minimum number of Digits enabled.

• disallowReversedOldPassword (boolean) – It is not allowed to reuse the current password as new one.

• minDigits (integer) – Minimum number of Digits (if enable).

• restrictMinUpperCaseLetters (boolean) – Restriction on minimum number of Upper Case letters enabled.

• minUpperCaseLetters (integer) – Minimum number of Upper Case (if enable).

• restrictMinLowerCaseLetters (boolean) – Restriction on minimum number of Lower Case letters enabled.

• minLowerCaseLetters (integer) – Minimum number of Lower Case (if enable).

• restrictMinNonAlphanumericCharacters (boolean) – Restriction on minimum number of Non AlphaNumeric characters enabled.

• minNonAlphanumericCharacters (integer) – Minimum number of Non AlphaNumeric characters (if enable).

• minLength (integer) – Minimum length of the password.

• sendPermanentLockoutNotification (boolean) – Send an email to an admin When authentication is permanently locked out.

• permanentLockoutNotifyEmailAddress (string) – The email of an admin.

• deviceProfileAuthenticationLockoutType (string) – Authentication Lockout type for device profile authentication password rules.

• deviceProfileTemporaryLockoutThreshold (integer) – Device profile authentication password rules can be used to specify the maximum authentication attempts before temporary lockout.

• deviceProfileWaitAlgorithm (string) – Wait algorithm type for device profile/SIP authentication password rules.

• deviceProfileLockoutFixedMinutes (integer) – Number of minutes to wait when AuthenticationLockoutWaitAlgorithmType is set to fixed.

• deviceProfilePermanentLockoutThreshold (integer) – Device profile authentication password rules can be used to specify the maximum authentication attempts before temporary lockout.

Status Codes:

• 200 OK – no error

Update the device profile authentication Password Rules

PUT /api/v1/tenants/(string: tenant_id)/device_password_rules/

Request to modify the service provider level device profile authentication password rule settings. The useTenantSettings element can only be modified by a system administrator or a provisioning administrator.

Authorization Right:minimum System Admin.

Example request:

PUT /api/v1/tenants/fooTenant/device_password_rules/ HTTP/1.1
Host: example.com
Content-Type: "application/json"

{
   "minDigits": 2,
   "restrictMinLowerCaseLetters": true,
   "minLowerCaseLetters": 2,
   "minLength": 8
}

Example response:

Response:

Similar to GET instance method response.

Request JSON Object:

• useTenantSettings (boolean) – (optional) if enable Use Service Provider/Enterprise Settings instead of System Settings

• disallowAuthenticationName (boolean) – (optional) It is not allowed to have the authentication user name into password

• disallowOldPassword (boolean) – (optional) It is not allowed the old password

• restrictMinDigits (boolean) – (optional) Restriction on minimum number of Digits enabled.

• disallowReversedOldPassword (boolean) – (optional) It is not allowed to reuse the current password as new one.

• minDigits (integer) – (optional) Minimum number of Digits (if enable).

• restrictMinUpperCaseLetters (boolean) – (optional) Restriction on minimum number of Upper Case letters enabled.

• minUpperCaseLetters (integer) – (optional) Minimum number of Upper Case (if enable).

• restrictMinLowerCaseLetters (boolean) – (optional) Restriction on minimum number of Lower Case letters enabled.

• minLowerCaseLetters (integer) – (optional) Minimum number of Lower Case (if enable).

• restrictMinNonAlphanumericCharacters (boolean) – (optional) Restriction on minimum number of Non AlphaNumeric characters enabled.

• minNonAlphanumericCharacters (integer) – (optional) Minimum number of Non AlphaNumeric characters (if enable).

• minLength (integer) – (optional) Minimum length of the password.

• sendPermanentLockoutNotification (boolean) – (optional) Send an email to an admin When authentication is permanently locked out.

• permanentLockoutNotifyEmailAddress (string) – (optional) The email of an admin.

• deviceProfileAuthenticationLockoutType (string) – (optional) Authentication Lockout type for device profile authentication password rules.

• deviceProfileTemporaryLockoutThreshold (integer) – (optional) Device profile authentication password rules can be used to specify the maximum authentication attempts before temporary lockout.

• deviceProfileWaitAlgorithm (string) – (optional) Wait algorithm type for device profile/SIP authentication password rules.

• deviceProfileLockoutFixedMinutes (integer) – (optional) Number of minutes to wait when AuthenticationLockoutWaitAlgorithmType is set to fixed.

• deviceProfilePermanentLockoutThreshold (integer) – (optional) Device profile authentication password rules can be used to specify the maximum authentication attempts before temporary lockout.

Status Codes:

• 200 OK – no error

• 400 Bad Request – error in the input data, most probably due to incorrect values.

• 403 Forbidden – forbidden for given user level

Retrieve Device Profile Authenitcation password rules of the Tenant Admins

GET /api/v1/tenants/(string: tenant_id)/device_password_rules/active_rules/

Retrieve all the active Profile Authenitcation password rules for the admins of a Tenant.

Authorization Right:minimum Tenant Admin.

Example request:

GET /api/v1/tenants/fooTenant/device_profile_rules/active_rules/ HTTP/1.1
Host: example.com

{}

Example response:

HTTP/1.1 200 OK
Content-Type: "application/json"

{
       "disallowAuthenticationName": true,
       "disallowOldPassword": false,
       "restrictMinDigits": true,
       "disallowReversedOldPassword": false,
       "minDigits": 1,
       "restrictMinUpperCaseLetters": false,
       "minUpperCaseLetters": 1,
       "restrictMinLowerCaseLetters": true,
       "minLowerCaseLetters": 1,
       "restrictMinNonAlphanumericCharacters": true,
       "minNonAlphanumericCharacters": 1,
       "minLength": 6,
       "sendPermanentLockoutNotification": false,
       "permanentLockoutNotifyEmailAddress": "",
       "deviceProfileAuthenticationLockoutType": "None",
       "deviceProfileTemporaryLockoutThreshold": 5,
       "deviceProfileWaitAlgorithm": "Double",
       "deviceProfileLockoutFixedMinutes": 5,
       "deviceProfilePermanentLockoutThreshold": 5
}

Response JSON Object:

• disallowAuthenticationName (boolean) – It is not allowed to have the the authentication user name into password

• disallowOldPassword (boolean) – It is not allowed the old password

• restrictMinDigits (boolean) – Restriction on minimum number of Digits enabled.

• disallowReversedOldPassword (boolean) – It is not allowed to reuse the current password as new one.

• minDigits (integer) – Minimum number of Digits (if enable).

• restrictMinUpperCaseLetters (boolean) – Restriction on minimum number of Upper Case letters enabled.

• minUpperCaseLetters (integer) – Minimum number of Upper Case (if enable).

• restrictMinLowerCaseLetters (boolean) – Restriction on minimum number of Lower Case letters enabled.

• minLowerCaseLetters (integer) – Minimum number of Lower Case (if enable).

• restrictMinNonAlphanumericCharacters (boolean) – Restriction on minimum number of Non AlphaNumeric characters enabled.

• minNonAlphanumericCharacters (integer) – Minimum number of Non AlphaNumeric characters (if enable).

• minLength (integer) – Minimum length of the password.

• sendPermanentLockoutNotification (boolean) – Send an email to an admin When authentication is permanently locked out.

• permanentLockoutNotifyEmailAddress (string) – The email of an admin.

• deviceProfileAuthenticationLockoutType (string) – Authentication Lockout type for device profile authentication password rules.

• deviceProfileTemporaryLockoutThreshold (integer) – Device profile authentication password rules can be used to specify the maximum authentication attempts before temporary lockout.

• deviceProfileWaitAlgorithm (string) – Wait algorithm type for device profile/SIP authentication password rules.

• deviceProfileLockoutFixedMinutes (integer) – Number of minutes to wait when AuthenticationLockoutWaitAlgorithmType is set to fixed.

• deviceProfilePermanentLockoutThreshold (integer) – Device profile authentication password rules can be used to specify the maximum authentication attempts before temporary lockout.

Status Codes:

• 200 OK – no error