Help Center/ Identity and Access Management/ API Reference/ API/ Security Settings/ Querying the Password Policy of an Account
Updated on 2023-09-14 GMT+08:00

Querying the Password Policy of an Account

Function

This API is used to query the password policy of an account.

The API can be called using both the global endpoint and region-specific endpoints.

URI

GET /v3.0/OS-SECURITYPOLICY/domains/{domain_id}/password-policy

Table 1 URI parameters

Parameter

Mandatory

Type

Description

domain_id

Yes

String

Account ID. For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.

Request Parameters

Table 2 Parameters in the request header

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Access token issued to a user to bear its identity and permissions.

For details about the permissions required by the token, see Actions.

Response Parameters

Table 3 Parameters in the response body

Parameter

Type

Description

password_policy

object

Password policy.

Table 4 password_policy

Parameter

Type

Description

maximum_consecutive_identical_chars

Integer

Maximum number of times that a character is allowed to consecutively present in a password.

maximum_password_length

Integer

Maximum number of characters that a password can contain.

minimum_password_age

Integer

Minimum period (minutes) after which users are allowed to make a password change.

minimum_password_length

Integer

Minimum number of characters that a password must contain.

number_of_recent_passwords_disallowed

Integer

Number of previously used passwords that are not allowed.

password_not_username_or_invert

Boolean

Indicates whether the password can be the username or the username spelled backwards.

password_requirements

String

Characters that a password must contain.

password_validity_period

Integer

Password validity period (days).

password_char_combination

Integer

Minimum number of character types that a password must contain. Value range: 2–4.

Example Request

Request for querying the password policy of an account

GET https://iam.myhuaweicloud.eu/v3.0/OS-SECURITYPOLICY/domains/{domain_id}/password-policy

Example Response

Status code: 200

The request is successful.

{ 
  "password_policy" : { 
    "password_requirements" : "A password must contain at least two of the following: uppercase letters, lowercase letters, digits, and special characters.", 
    "minimum_password_age" : 20, 
    "minimum_password_length" : 8, 
    "maximum_password_length" : 32, 
    "number_of_recent_passwords_disallowed" : 2, 
    "password_validity_period" : 60, 
    "maximum_consecutive_identical_chars" : 3, 
    "password_not_username_or_invert" : true,
    "password_char_combination" : 3
  } 
}

Status code: 403

Access denied.

  • Example 1
{ 
   "error_msg" : "You are not authorized to perform the requested action.", 
   "error_code" : "IAM.0002" 
 }
  • Example 2
{ 
   "error_msg" : "Policy doesn't allow %(actions)s to be performed.", 
   "error_code" : "IAM.0003" 
 }

Status code: 404

The requested resource cannot be found.

{ 
  "error_msg" : "Could not find %(target)s: %(target_id)s.", 
  "error_code" : "IAM.0004" 
}

Status code: 500

Internal server error.

{ 
  "error_msg" : "An unexpected error prevented the server from fulfilling your request.", 
  "error_code" : "IAM.0006" 
}

Status Codes

Status Code

Description

200

The request is successful.

401

Authentication failed.

403

Access denied.

404

The requested resource cannot be found.

500

Internal server error.

Error Codes

For details, see Error Codes.