Modifying the Login Authentication Policy
Function
This API is provided for the administrator to modify the login authentication policy.
The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.
Debugging
You can debug this API in API Explorer.
URI
PUT /v3.0/OS-SECURITYPOLICY/domains/{domain_id}/login-policy
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
domain_id |
Yes |
String |
Account ID. For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
Access token issued to a user to bear its identity and permissions. For details about the permissions required by the token, see Actions. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
Yes |
object |
Login authentication policy. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
account_validity_period |
No |
Integer |
Validity period (days) to disable users if they have not logged in within the period. Value range: 0–240 |
custom_info_for_login |
No |
String |
Custom information that will be displayed upon successful login. |
lockout_duration |
No |
Integer |
Account lockout duration (minutes). Value range: 15–30. |
login_failed_times |
No |
Integer |
The maximum number of unsuccessful login attempts to lock users out within a specific period. Value range: 3–10 |
period_with_login_failures |
No |
Integer |
Period (minutes) to count the number of unsuccessful login attempts. Value range: 15–60. |
session_timeout |
No |
Integer |
Session timeout (minutes) that will apply if you or users created using your account do not perform any operations within a specific period. Value range: 15–1440 |
show_recent_login_info |
No |
Boolean |
Indicates whether to display last login information upon successful login. The value can be true or false. |
Response Parameters
Parameter |
Type |
Description |
---|---|---|
object |
Login authentication policy. |
Parameter |
Type |
Description |
---|---|---|
account_validity_period |
Integer |
Validity period (days) to disable users if they have not logged in within the period. |
custom_info_for_login |
String |
Custom information that will be displayed upon successful login. |
lockout_duration |
Integer |
Account lockout duration (minutes). |
login_failed_times |
Integer |
The maximum number of login failures within a specified period. |
period_with_login_failures |
Integer |
Period (minutes) to count the number of unsuccessful login attempts. |
session_timeout |
Integer |
Session timeout (minutes) that will apply if you or users created using your account do not perform any operations within a specific period. |
show_recent_login_info |
Boolean |
Indicates whether to display last login information upon successful login. |
Example Request
Request for modifying the login authentication policy to the following: The period to count the number of unsuccessful login attempts is 15 minutes, an account that has not been logged in within 99 days will be locked out, the number of login failures within the login duration is 3, the login session expiration time is 16 minutes, and the last login information needs to be displayed.
PUT https://iam.myhuaweicloud.com/v3.0/OS-SECURITYPOLICY/domains/{domain_id}/login-policy
{
"login_policy" : {
"custom_info_for_login" : "",
"period_with_login_failures" : 15,
"lockout_duration" : 15,
"account_validity_period" : 99,
"login_failed_times" : 3,
"session_timeout" : 16,
"show_recent_login_info" : true
}
}
Example Response
Status code: 200
The request is successful.
{ "login_policy" : { "custom_info_for_login" : "", "period_with_login_failures" : 15, "lockout_duration" : 15, "account_validity_period" : 99, "login_failed_times" : 3, "session_timeout" : 16, "show_recent_login_info" : true } }
Status code: 400
The request body is abnormal.
- Example 1
{ "error_msg" : "'%(key)s' is a required property.", "error_code" : "IAM.0072" }
- Example 2
{ "error_msg" : "Invalid input for field '%(key)s'. The value is '%(value)s'.", "error_code" : "IAM.0073" }
Status code: 403
Access denied.
{ "error_msg" : "You are not authorized to perform the requested action.", "error_code" : "IAM.0002" }
Status code: 500
The system is abnormal.
{ "error_msg" : "An unexpected error prevented the server from fulfilling your request.", "error_code" : "IAM.0006" }
Status Codes
Status Code |
Description |
---|---|
200 |
The request is successful. |
400 |
The request body is abnormal. |
401 |
Authentication failed. |
403 |
Access denied. |
500 |
The system is abnormal. |
Error Codes
For details, see Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot