Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

GET /system/authorization/password_policies

Retrieves a list of Password Policies that exist on the system

View a list of all the Password Policies available on the system. Currently this is limited to exactly 1 policy. A policy defines the requirements for passwords that are stored locally, and that will be enforced on login or while creating a new user, or while a user is updating their password.

Table 1: GET /system/authorization/password_policies Resource Details

MIME Type

application/json

Table 2: GET /system/authorization/password_policies Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

Range

header

Optional

String

text/plain

Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero.

filter

query

Optional

String

text/plain

Optional - This parameter is used to restrict the elements in a list base on the contents of various fields.

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 3: GET /system/authorization/password_policies Response Codes

HTTP Response Code

Unique Code

Description

200

 

The Password Policy list was retrieved

Response Description

An array of Password Policy objects. Passwords stored in the system must adhere to the policy. A Password Policy object has the following fields:

  • id - Number - The ID of the Password Policy

  • minimum_length - The minimum length that passwords on the system must adhere to

  • variance_rules - Contains a subset of the following values: UPPER_CASE, LOWER_CASE, NUMBER, OTHER.

  • variance_rules_required_count - The number of variance_rules that must be met before a password is said to 'pass'. This must be a number between 0 and 4.

  • password_history_size - The number of password_expiry_intervals that passwords are remembered and not allowed to be reused. Must be greater than 0, or 'null'. For example, with a password_history_size of 3 and a password_expiry_interval of 90 (days), 270 days must pass before a password can be reused. If a user changes their password four times in one day, they still cannot use the first password because 270 days have not passed.

  • password_expiry_interval - The number of milliseconds before a password must be changed. Setting this field to 'null' means passwords never expire.

  • disallow_repeating_characters - Set this value to true to disallow more than 2 repeating characters. For example, "abbc" is allowed, where "abbbc" is not.

Response Sample