Skip to content

Create Password Policy

Creates a new Password Policy.

Warning

Currently, SAYMON doesn't use additional password policies. Requests that handle passwords (for example, Change User's Password) will test the new password against the default password policy.

Request

HTTP Request

PATCH /node/api/password-policies/

Permissions

manage-configuration

Body parameters

This request uses the Password Policy model.

Field Type Description
id String ID of the password policy.
name String Name of the password policy.
length Integer Minimum number of characters.
minLowercase Integer Minimum number of lowercase characters.
minCapital Integer Minimum number of capital characters.
minDigits Integer Minimum number of digits.
minSpecial Integer Minimum number of special characters. Special characters are all characters other than letters and digits.
changePasswordOnFirstLogin Boolean Whether to require a password change on the next login.
passwordLifetime Integer Time it takes for the password to expire.
passwordExpiredNotificationPeriod Integer Period of time before the password expiration, when the user is notified that their password is about to be expired.
uniquePasswordsNumber Integer The number of unique passwords, after which a user is allowed to set previously used password.

Request body

Request body contains a new password policy.

{
    "name": "Default",
    "length": 3,
    "minLowercase": 5,
    "minCapital": 1,
    "minDigits": 1,
    "minSpecial": 1,
    "changePasswordOnFirstLogin": true,
    "passwordExpiredNotificationPeriod": 1,
    "passwordLifetime": 7,
    "uniquePasswordsNumber": 1
}

You can omit all fields except name. Any omitted field will be set to 0.

{
    "name": "New Policy",
    "length": 32
}

Response

This request returns created password policy. See the Password Policy model for more information.

{
    "id": "635a91e0374904480417ef84",
    "name": "New Policy",
    "length": 32,
    "minLowercase": 0,
    "minCapital": 0,
    "minDigits": 0,
    "minSpecial": 0
}

Examples

This example creates a new password policy with the minimum password length set to 32.

Request

login=<...>
password=<...>
saymon_hostname=<...>
url=https://$saymon_hostname/node/api/password-policies/

curl -X PATCH $url -u $login:$password \
    -H "Content-Type: application/json" \
    -d @- <<EOF
{
    "name": "New Policy",
    "length": 32
}
EOF
let login = <...>
let password = <...>
let saymonHostname = <...>
let path = "/node/api/password-policies/";
let auth = "Basic " + btoa(login + ":" + password);

let headers = new Headers();
headers.append("Content-Type", "application/json");
headers.append("Authorization", auth);

let data = JSON.stringify({
    "name": "New Policy",
    "length": 32
});

let requestOptions = {
    method: "PATCH",
    headers: headers,
    body: data
};

fetch(saymonHostname + path, requestOptions)
    .then(response => response.text())
    .then(result => console.log(result))
    .catch(error => console.log("error", error));
const http = require("http");

let login = <...>
let password = <...>
let saymonHostname = <...>
let path = "/node/api/password-policies/";
let auth = "Basic " + Buffer.from(login + ":" + password).toString("base64");

let options = {
    "method": "PATCH",
    "hostname": saymonHostname,
    "headers": {
        "Authorization": auth,
        "Content-Type": "application/json"
    },
    "path": path
};

let req = http.request(options, function (res) {
    let chunks = [];

    res.on("data", function (chunk) {
        chunks.push(chunk);
    });

    res.on("end", function (chunk) {
        let body = Buffer.concat(chunks);
        console.log(body.toString());
    });

    res.on("error", function (error) {
        console.error(error);
    });
});

let data = JSON.stringify({
    "name": "New Policy",
    "length": 32
});

req.write(data);
req.end();
import requests

login = <...>
password = <...>
saymon_hostname = <...>
url = "https://" + saymon_hostname + "/node/api/password-policies/"

body = {
    "name": "New Policy",
    "length": 32
}

response = requests.request("PATCH", url, json=body, auth=(login, password))
print(response.text)

Response

Only the length field was defined in the request. All other fields are set to their default value of 0.

{
    "id": "635a5b5425bb8a49371f3f92",
    "name": "New Policy",
    "length": 32,
    "minLowercase": 0,
    "minCapital": 0,
    "minDigits": 0,
    "minSpecial": 0
}

See Also