Help Center> Identity and Access Management> API Reference> API> Security Settings> Modifying the Password Policy

View PDF

Modifying the Password Policy

Function

This API is provided for the administrator to modify the password policy.

The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.

URI

PUT /v3.0/OS-SECURITYPOLICY/domains/{domain_id}/password-policy

**Table 1** URI parameters
Parameter	Mandatory	Type	Description
domain_id	Yes	String	Account ID. For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.

Request Parameters

**Table 2** Parameters in the request header
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	Token with Security Administrator permissions.

**Table 3** Parameter in the request body
Parameter	Mandatory	Type	Description
password_policy	Yes	object	Password policy.

**Table 4** password_policy
Parameter	Mandatory	Type	Description
maximum_consecutive_identical_chars	Yes	Integer	Maximum number of times that a character is allowed to consecutively present in a password. Value range: 0–32.
minimum_password_age	Yes	Integer	Minimum period (minutes) after which users are allowed to make a password change. Value range: 0–1440.
minimum_password_length	Yes	Integer	Minimum number of characters that a password must contain. Value range: 6–32.
number_of_recent_passwords_disallowed	Yes	Integer	Number of previously used passwords that are not allowed. Value range: 0–10.
password_not_username_or_invert	Yes	Boolean	Indicates whether the password can be the username or the username spelled backwards.
password_validity_period	Yes	Integer	Password validity period (days). Value range: 0–180. Value 0 indicates that this requirement does not apply.
password_char_combination	Yes	Integer	Minimum number of character types that a password must contain. Value range: 2–4.

Response Parameters

**Table 5** Parameters in the response body
Parameter	Type	Description
password_policy	object	Password policy.

**Table 6** password_policy
Parameter	Type	Description
maximum_consecutive_identical_chars	Integer	Maximum number of times that a character is allowed to consecutively present in a password.
maximum_password_length	Integer	Maximum number of characters that a password can contain.
minimum_password_age	Integer	Minimum period (minutes) after which users are allowed to make a password change.
minimum_password_length	Integer	Minimum number of characters that a password must contain.
number_of_recent_passwords_disallowed	Integer	Number of previously used passwords that are not allowed.
password_not_username_or_invert	Boolean	Indicates whether the password can be the username or the username spelled backwards.
password_requirements	String	Characters that a password must contain.
password_validity_period	Integer	Password validity period (days).
password_char_combination	Integer	Minimum number of character types that a password must contain. Value range: 2–4.

Example Request

PUT https://iam.myhuaweicloud.com/v3.0/OS-SECURITYPOLICY/domains/{domain_id}/password_policy 
 
{ 
  "password_policy" : { 
    "minimum_password_length" : 6, 
    "number_of_recent_passwords_disallowed" : 2, 
    "minimum_password_age" : 20, 
    "password_validity_period" : 60, 
    "maximum_consecutive_identical_chars" : 3, 
    "password_not_username_or_invert" : false,
    "password_char_combination" : 3
  } 
}

Example Response

Status code: 200

The request is successful.

{ 
  "password_policy" : { 
    "password_requirements" : "A password must contain at least two of the following: uppercase letters, lowercase letters, digits, and special characters.", 
    "minimum_password_age" : 20, 
    "minimum_password_length" : 8, 
    "maximum_password_length" : 32, 
    "number_of_recent_passwords_disallowed" : 2, 
    "password_validity_period" : 60, 
    "maximum_consecutive_identical_chars" : 3, 
    "password_not_username_or_invert" : true,
    "password_char_combination" : 3
  } 
}

Status code: 400

The request body is abnormal.

Example 1

{ 
   "error_msg" : "'%(key)s' is a required property.", 
   "error_code" : "IAM.0072" 
 }

Example 2

{ 
   "error_msg" : "Invalid input for field '%(key)s'. The value is '%(value)s'.", 
   "error_code" : "IAM.0073" 
 }

Status code: 403

Access denied.

Example 1

{ 
   "error_msg" : "You are not authorized to perform the requested action.", 
   "error_code" : "IAM.0002" 
 }

Example 2

{ 
   "error_msg" : "Policy doesn't allow %(actions)s to be performed.", 
   "error_code" : "IAM.0003" 
 }

Status code: 500

The system is abnormal.

{ 
  "error_msg" : "An unexpected error prevented the server from fulfilling your request.", 
  "error_code" : "IAM.0006" 
}

Status Codes

Status Code	Description
200	The request is successful.
400	The request body is abnormal.
401	Authentication failed.
403	Access denied.
500	The system is abnormal.

Error Codes

For details, see Error Codes.

Parent topic: Security Settings

Last Article: Querying the Operation Protection Policy

Next Article: Querying the Password Policy

Did this article solve your problem?

Thank you for your score！Your feedback would help us improve the website.

Products

Compute

Application

Dedicated Cloud

Storage

Management & Deployment

Migration

Network

Enterprise Intelligence

Video

Database

Edge Cloud Services

DevCloud

Security

Cloud Communications

Internet of Things

Solutions

Industry-Specific Solutions

General-Purpose Solutions

Security

DevOps

Enterprise Intelligence

Essential Platform

Big Data

Visual Cognition

Speech and Semantics

Support

Help Center

Customer Services

Developers

Console

语言 - Language

中国站 - 简体中文

中国站 - English

International - 简体中文

International - English