Modifying the Password Policy
Function
This API is provided for the administrator to modify the password policy.
The API can be called using both the global endpoint and region-specific endpoints.
URI
PUT /v3.0/OS-SECURITYPOLICY/domains/{domain_id}/password-policy
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
domain_id |
Yes |
String |
Account ID. For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
Access token issued to a user to bear its identity and permissions. For details about the permissions required by the token, see Actions. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
Yes |
object |
Password policy. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
maximum_consecutive_identical_chars |
No |
Integer |
Maximum number of times that a character is allowed to consecutively present in a password. Value range: 0–32. |
minimum_password_age |
No |
Integer |
Minimum period (minutes) after which users are allowed to make a password change. Value range: 0–1440. |
minimum_password_length |
No |
Integer |
Minimum number of characters that a password must contain. Value range: 6–32. |
number_of_recent_passwords_disallowed |
No |
Integer |
Number of previously used passwords that are not allowed. Value range: 0–10. |
password_not_username_or_invert |
No |
Boolean |
Indicates whether the password can be the username or the username spelled backwards. |
password_validity_period |
No |
Integer |
Password validity period (days). Value range: 0–180. Value 0 indicates that this requirement does not apply. |
password_char_combination |
No |
Integer |
Minimum number of character types that a password must contain. Value range: 2–4. |
Response Parameters
Parameter |
Type |
Description |
---|---|---|
object |
Password policy. |
Parameter |
Type |
Description |
---|---|---|
maximum_consecutive_identical_chars |
Integer |
Maximum number of times that a character is allowed to consecutively present in a password. |
maximum_password_length |
Integer |
Maximum number of characters that a password can contain. |
minimum_password_age |
Integer |
Minimum period (minutes) after which users are allowed to make a password change. |
minimum_password_length |
Integer |
Minimum number of characters that a password must contain. |
number_of_recent_passwords_disallowed |
Integer |
Number of previously used passwords that are not allowed. |
password_not_username_or_invert |
Boolean |
Indicates whether the password can be the username or the username spelled backwards. |
password_requirements |
String |
Characters that a password must contain. |
password_validity_period |
Integer |
Password validity period (days). |
password_char_combination |
Integer |
Minimum number of character types that a password must contain. Value range: 2–4. |
Example Request
Request to change the password policy to the following: Must contain at least 6 characters, at least 3 character types, cannot be the same as the last two passwords, the minimum validity period must be 20 minutes, the password validity period must be 60 days, same characters can be used consecutively for a maximum of three times, and cannot be the same as the user name or the user name spelled backwards
PUT https://iam.myhuaweicloud.eu/v3.0/OS-SECURITYPOLICY/domains/{domain_id}/password-policy
{
"password_policy" : {
"minimum_password_length" : 6,
"number_of_recent_passwords_disallowed" : 2,
"minimum_password_age" : 20,
"password_validity_period" : 60,
"maximum_consecutive_identical_chars" : 3,
"password_not_username_or_invert" : false,
"password_char_combination" : 3
}
}
Example Response
Status code: 200
The request is successful.
{ "password_policy" : { "password_requirements" : "A password must contain at least two of the following: uppercase letters, lowercase letters, digits, and special characters.", "minimum_password_age" : 20, "minimum_password_length" : 8, "maximum_password_length" : 32, "number_of_recent_passwords_disallowed" : 2, "password_validity_period" : 60, "maximum_consecutive_identical_chars" : 3, "password_not_username_or_invert" : true, "password_char_combination" : 3 } }
Status code: 400
The request body is abnormal.
- Example 1
{ "error_msg" : "'%(key)s' is a required property.", "error_code" : "IAM.0072" }
- Example 2
{ "error_msg" : "Invalid input for field '%(key)s'. The value is '%(value)s'.", "error_code" : "IAM.0073" }
Status code: 403
Access denied.
- Example 1
{ "error_msg" : "You are not authorized to perform the requested action.", "error_code" : "IAM.0002" }
- Example 2
{ "error_msg" : "Policy doesn't allow %(actions)s to be performed.", "error_code" : "IAM.0003" }
Status code: 500
The system is abnormal.
{ "error_msg" : "An unexpected error prevented the server from fulfilling your request.", "error_code" : "IAM.0006" }
Status Codes
Status Code |
Description |
---|---|
200 |
The request is successful. |
400 |
The request body is abnormal. |
401 |
Authentication failed. |
403 |
Access denied. |
500 |
The system is abnormal. |
Error Codes
For details, see Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.