GET /system/authorization/password_policies

Retrieves a list of Password Policies that exist on the system

View a list of all the Password Policies available on the system. Currently this is limited to exactly 1 policy. A policy defines the requirements for passwords that are stored locally, and that will be enforced on login or while creating a new user, or while a user is updating their password.

Table 1. GET /system/authorization/password_policies resource details
MIME Type
application/json

Table 2. GET /system/authorization/password_policies request parameter details
Parameter	Type	Optionality	Data Type	MIME Type	Description
Range	header	Optional	String	text/plain	Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero.
filter	query	Optional	String	text/plain	Optional - This parameter is used to restrict the elements in a list base on the contents of various fields.
fields	query	Optional	String	text/plain	Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 3. GET /system/authorization/password_policies response codes
HTTP Response Code	Unique Code	Description
200		The Password Policy list was retrieved

Response Description

An array of Password Policy objects. Passwords stored in the system must adhere to the policy. A Password Policy object has the following fields:

id - Number - The ID of the Password Policy
minimum_length - The minimum length that passwords on the system must adhere to
variance_rules - Contains a subset of the following values: UPPER_CASE, LOWER_CASE, NUMBER, OTHER.
variance_rules_required_count - The number of variance_rules that must be met before a password is said to 'pass'. This must be a number between 0 and 4.
password_history_size - The number of password_expiry_intervals that passwords are remembered and not allowed to be reused. Must be greater than 0, or 'null'. For example, with a password_history_size of 3 and a password_expiry_interval of 90 (days), 270 days must pass before a password can be reused. If a user changes their password four times in one day, they still cannot use the first password because 270 days have not passed.
password_expiry_interval - The number of milliseconds before a password must be changed. Setting this field to 'null' means passwords never expire.
disallow_repeating_characters - Set this value to true to disallow more than 2 repeating characters. For example, "abbc" is allowed, where "abbbc" is not.

Response Sample


[
    {
        "disallow_repeating_characters": true,
        "id": 42,
        "minimum_length": 42,
        "password_expiry_interval": 42,
        "password_history_size": 42,
        "variance_rules": [
            "String <one of: UPPER_CASE, LOWER_CASE, NUMBER, OTHER>"
        ],
        "variance_rules_required_count": 42
    }
]