Skip to main content

REST APIs 25.1 Developer Guide

Password Policy Reference

This topic covers properties, parameters, and examples of password policy.

Curl Command Get the Password Policy

The org/:org_id/ path parameter is not specified in this command.

curl -i -X GET https://pce.my-company.com:8443/api/v2/authentication_services/password_policy -H "Accept: application/json" -u $KEY:$TOKEN

Example Default Response: 200 OK

{
  "require_type_number": true,
  "require_type_lowercase": true,
  "require_type_uppercase": true,
  "require_type_symbol": false,
  "min_characters_per_type": 1,
  "min_length": 8,
  "min_changed_characters": 1,
  "history_count": 1,
  "expire_time_days": 0,
  "updated_at": "2019-09-20T03:40:00Z",
  "updated_by": null
}
Parameters

Parameter

Description

Type

Req

require_type_number

If true, the password must contain a numerical digit.

Boolean

Yes

require_type_lowercase

If true, the password must contain a lowercase letter.

Boolean

Yes

require_type_uppercase

If true, the password must contain an uppercase letter.

Boolean

Yes

require_type_symbol

If true, the password must contain a symbol, for example:

! @ # $ % ^ * ? \u0026 \u003c \u003e

Boolean

Yes

min_characters_per_type

Minimum number of characters for each character type.

Integer

Yes

min_length

Minimum password length.

Integer

Yes

min_changed_characters

Minimum number of changed characters for a new password.

Minimum: 1

Maximum: 4

Integer

Yes

history_count

The number of old passwords to remember.

Minimum: 1

Maximum: 24

Integer

Yes

expire_time_days

Number of days until the password expires.

A value of 0 (zero) means the password never expires.

Minimum: 0

Maximum: 99

Integer

Yes

updated_at

RFC-3339 date-time timestamp of when the password

The policy was last updated and automatically recorded by the system.

date-time String

Yes

updated_by

The username of the person who last updated this is automatically recorded by the system.

String

Yes

Update Password Policy

Curl Command Update the Password Policy

The org/:org_id/ path parameter is not specified in this command.

curl -i -X PUT https://pce.my-company.com:8443/api/v2/authentication_services/password_policy -H "Content-Type: application/json" -u $KEY:$TOKEN -d '{"require_type_symbol": true, "expire_time_days": 90}

At least three of the four available character types must be true; otherwise, a 406 Not Acceptable error message will be returned.*

Parameters

Parameter

Description

Type

Required

require_type_number

If true, the password must contain a numerical digit.

Boolean

*

require_type_lowercase

If true, the password must contain a lowercase letter.

Boolean

*

require_type_uppercase

If true, the password must contain an uppercase letter.

Boolean

*

require_type_symbol

If true, the password must contain a symbol, for example:

! @ # $ % ^ * ? \u0026 \u003c \u003e

Boolean

*

min_characters_per_type

Minimum number of characters for each character type.

Integer

No

min_length

Minimum password length.

Integer

No

min_changed_characters

Minimum number of changed characters for new passwords.

Minimum: 1

Maximum: 4

Integer

No

history_count

The number of old passwords to remember.

Minimum: 1

Maximum: 24

Integer

No

expire_time_days

Number of days the password expires.

A value of 0 (zero) means the password never expires.

Minimum: 0

Maximum: 99

Integer

No

Example Request Body

Only the parameters to change must be included in the request body.

{
  "require_type_number": true,
  "require_type_lowercase": true,
  "require_type_uppercase": true,
  "require_type_symbol": true,
  "min_characters_per_type": 1,
  "min_length": 8,
  "min_changed_characters": 1,
  "history_count": 1,
  "expire_time_days": 90
}