Add password policies
post
/iam/admin/access/api/v1/policy/PasswordPolicies
POST method to add password policies to OAM.
Request
Query Parameters
-
tenantid(optional): string
tenant unique identifier
list of password policy assignments
Nested Schema : assignmentRule
Type:
object
-
idStoreRef(optional):
string
The identity store reference ID to which the current password policy is assigned.
-
passwordPolicyID(optional):
string
This must match the password policy specified in the passwordPolicyInfo id.
-
priority(optional):
integer
The priority for this password policy assignment. The policy for the user is ascertained by getting all the assignment rules for the identity store to which the user belongs, sorted using priority. The first applicable password policy is then chosen as the password policy applicable for the user.
-
ruleType(optional):
integer
The ruleType is an integer enumeration that specifies the kind of rule: 1 - none, 2 - group.
-
ruleValue(optional):
string
If the ruleType indicates group, then the ruleValue indicates the group to which the user must belong for the password policy to be applicable.
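The selection procedure described for `priority`, `ruleType` and `ruleValue`, as an added example (not Oracle's code) that also reports rules which can never be selected because an unconditional rule sorts ahead of them. Assumptions: a lower priority number sorts first, a missing priority counts as 0, an omitted ruleType behaves like 1 (none), and the store, group and policy names are constructed.

```python
RULE_NONE, RULE_GROUP = 1, 2  # ruleType values from the schema: 1 - none, 2 - group


def _ordered(rules, ascending):
    # Assumption: lower priority number sorts first; the page only says
    # "sorted using priority". A missing priority is treated as 0 here.
    return sorted(rules, key=lambda r: r.get("priority", 0), reverse=not ascending)


def applicable_policy_id(rules, id_store, user_groups, ascending=True):
    """Return the passwordPolicyID of the first applicable rule, or None."""
    for rule in _ordered(rules, ascending):
        if rule.get("idStoreRef") != id_store:
            continue
        if rule.get("ruleType") == RULE_GROUP:
            if rule.get("ruleValue") in user_groups:
                return rule.get("passwordPolicyID")
        else:  # ruleType 1 (none) or omitted (assumption): applies to every user
            return rule.get("passwordPolicyID")
    return None


def shadowed_rules(rules, ascending=True):
    """Policy IDs of rules that can never be chosen because an unconditional
    rule for the same identity store sorts ahead of them."""
    catch_all_seen, shadowed = set(), []
    for rule in _ordered(rules, ascending):
        store = rule.get("idStoreRef")
        if store in catch_all_seen:
            shadowed.append(rule.get("passwordPolicyID"))
        elif rule.get("ruleType") != RULE_GROUP:
            catch_all_seen.add(store)
    return shadowed


# Constructed sample: a stricter admin policy placed behind a catch-all rule.
SAMPLE_RULES = [
    {"idStoreRef": "ExampleStore", "passwordPolicyID": "default-policy",
     "priority": 1, "ruleType": RULE_NONE},
    {"idStoreRef": "ExampleStore", "passwordPolicyID": "admin-policy",
     "priority": 2, "ruleType": RULE_GROUP, "ruleValue": "Administrators"},
]

if __name__ == "__main__":
    print(applicable_policy_id(SAMPLE_RULES, "ExampleStore", {"Administrators"}))
    print(shadowed_rules(SAMPLE_RULES))
```

With the sample rules an administrator receives the default policy, which is the misordering the shadow check is meant to catch before the assignments are submitted.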
Nested Schema : passwordPolicyInfo
Type:
object
-
allAtOnce(optional):
boolean
Not supported in OAM. A Boolean value. When true, the client UI will present all challenges in random order each time displayed. When false, the client UI will present one challenge question at a time where the subject MUST respond before the next is displayed.
-
challengePolicy(optional):
integer
Not supported in OAM. A complex attribute that defines policy around challenges. It contains the following sub-attributes. source: An Integer indicating one of the following: 0 - User Defined, 1 - Admin Defined, 2 - User and Admin Defined.
-
challengesEnabled(optional):
boolean
Always false in OAM. A Boolean value indicating challenges MAY be used during authentication. Not supported: none of the challenge question/answer related policy elements are supported, since OAM does not support user challenge questions/answers.
-
defaultQuestions(optional):
string
Not supported in OAM. A Multi-valued String attribute that contains one or more default questions a subject may use when setting their challenge questions.
-
desc(optional):
string
A String that describes the current policy. Typically used for informational purposes (e.g. to display to a user).
-
dictionaryLocation(optional):
string
A Reference value containing the URI of a dictionary of words not allowed to appear within a password value.
-
disallowedChars(optional):
string
A String value whose contents indicates a set of characters that SHALL NOT appear, in any sequence, in a password value.
-
disallowedSubStrings(optional):
string
A Multi-valued String indicating a set of Strings that SHALL NOT appear within a password value.
-
expiresAfterDays(optional):
integer
An Integer indicating the number of days after which a password reset is required.
-
firstNameDisallowed(optional):
boolean
A Boolean indicating a sequence of characters matching the resource's "name.givenName" SHALL NOT be included in the password.
-
id(optional):
string
Unique identifier representing a specific password policy.
-
lastNameDisallowed(optional):
boolean
A Boolean indicating a sequence of characters matching the resource's "name.familyName" SHALL NOT be included in the password.
-
lockOutDuration(optional):
integer
An Integer indicating the number of minutes an account will be locked after maxIncorrectAttempts is exceeded.
-
maxIncorrectAttempts(optional):
integer
An Integer representing the maximum number of failed logins before an account is locked.
-
maxIncorrectChallengesAttempts(optional):
integer
Not supported in OAM. An Integer indicating the maximum number of failed reset password attempts using challenges. If any challenges are wrong in a reset attempt, the user's resetAttempts counter will be incremented by 1. If resetAttempts is greater than maxIncorrectAttempts, the subject's account will be locked with a locked.reason value.
-
maxLength(optional):
integer
An Integer indicating the maximum password length (in characters). A value of 0 or no value SHALL indicate no maximum length restriction.
-
maxRepeatedChars(optional):
integer
An Integer indicating the maximum number of repeated characters in a password. A value of 0 or no value SHALL indicate no restriction.
-
maxSpecialChars(optional):
integer
An Integer indicating the maximum number of special characters in a password. A value of 0 or no value SHALL indicate no maximum length restriction.
-
minAlphaNumerals(optional):
integer
An Integer indicating the minimum number of alphabetic or numeric characters in a password. A value of 0 or no value SHALL indicate no minimum length restriction.
-
minAlphas(optional):
integer
An Integer indicating the minimum number of alphabetic characters in a password. A value of 0 or no value SHALL indicate no minimum length restriction.
-
minAnswerCount(optional):
integer
Not supported in OAM. An Integer indicating the minimum number of challenge answers a subject MUST answer when attempting to reset their password via forgot password request.
-
minLength(optional):
integer
An Integer indicating the minimum password length (in characters). A value of 0 or no value SHALL indicate no minimum length restriction.
-
minLowerCase(optional):
integer
An Integer indicating the minimum number of lower-case alphabetic characters in a password. A value of 0 or no value SHALL indicate no minimum length restriction.
-
minNumerals(optional):
integer
An Integer indicating the minimum number of numeric characters in a password. A value of 0 or no value SHALL indicate no minimum length restriction.
-
minPasswordAgeInDays(optional):
integer
An Integer indicating the minimum age in days before the password can be changed.
-
minQuestionCount(optional):
integer
Not supported in OAM. An Integer indicating the minimum number of challenge questions a subject MUST answer when setting challenge question answers. A value of 0 or no value indicates no minimum.
-
minResponseLength(optional):
integer
Not supported in OAM. An Integer indicating the minimum number of characters in a challenge response. No value or a value of 0 indicates no minimum length (effectively 1).
-
minSpecialChars(optional):
integer
An Integer indicating the minimum number of special characters in a password. A value of 0 or no value SHALL indicate no minimum length restriction.
-
minUnicodeChars(optional):
integer
An Integer indicating the minimum number of Unicode characters in a password.
-
minUniqueChars(optional):
integer
An Integer indicating the minimum number of unique characters in a password. A value of 0 or no value SHALL indicate no minimum restriction.
-
minUpperCase(optional):
integer
An Integer indicating the minimum number of upper-case alphabetic characters in a password. A value of 0 or no value SHALL indicate no minimum length restriction.
-
name(optional):
string
A String that is the name of the policy. Typically used for informational purposes (e.g. to display to the user).
-
passwordHistorySize(optional):
integer
An Integer indicating the number of passwords that will be kept in history that may not be used as a password.
-
requiredChars(optional):
string
A String value whose contents indicates a set of characters that MUST appear, in any sequence, in a password value.
-
startsWithAlpha(optional):
boolean
A Boolean indicating that the password MUST begin with an alphabetic character.
-
userNameDisallowed(optional):
boolean
A Boolean indicating a sequence of characters matching the resource's "userName" SHALL NOT be included in the password.
-
warningAfterDays(optional):
integer
An Integer indicating the number of days after which a password reset warning will be issued.
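A pre-submission review of a passwordPolicyInfo object, as an added example (not Oracle's code): it reports fields the schema marks as not supported in OAM, minimums that are 0 or absent and therefore impose no restriction, and settings that contradict each other. The finding codes and the sample policy are constructed for illustration.

```python
# Fields the schema above marks "Not supported in OAM" / "Always false in OAM".
UNSUPPORTED_IN_OAM = {
    "allAtOnce", "challengePolicy", "challengesEnabled", "defaultQuestions",
    "maxIncorrectChallengesAttempts", "minAnswerCount", "minQuestionCount",
    "minResponseLength",
}
# Minimums for which the schema says 0 or no value means no restriction.
MIN_FIELDS = ("minLength", "minAlphaNumerals", "minAlphas", "minLowerCase",
              "minNumerals", "minSpecialChars", "minUniqueChars", "minUpperCase")


def audit_policy(policy):
    """Return a sorted list of (finding, field) tuples for one policy dict."""
    findings = []
    for field in UNSUPPORTED_IN_OAM & policy.keys():
        # challengesEnabled is always false in OAM, so False is harmless.
        if field == "challengesEnabled" and policy[field] is False:
            continue
        findings.append(("unsupported-in-oam", field))
    for field in MIN_FIELDS:
        if not policy.get(field):  # missing, None or 0
            findings.append(("no-restriction", field))
    # A non-zero maximum smaller than the matching minimum can never be met.
    for low, high in (("minLength", "maxLength"),
                      ("minSpecialChars", "maxSpecialChars")):
        if policy.get(high) and (policy.get(low) or 0) > policy[high]:
            findings.append(("min-exceeds-max", low))
    # A warning that is not issued before the reset is required warns nobody.
    warn, expire = policy.get("warningAfterDays"), policy.get("expiresAfterDays")
    if warn and expire and warn >= expire:
        findings.append(("warning-not-before-expiry", "warningAfterDays"))
    return sorted(findings)


# Constructed sample, not a recommended baseline.
SAMPLE_POLICY = {
    "id": "example-policy", "name": "Example",
    "minLength": 12, "maxLength": 10, "minUpperCase": 1, "minLowerCase": 1,
    "minNumerals": 0, "minSpecialChars": 2, "maxSpecialChars": 1,
    "expiresAfterDays": 90, "warningAfterDays": 90,
    "minQuestionCount": 3, "challengesEnabled": False,
}

if __name__ == "__main__":
    for finding, field in audit_policy(SAMPLE_POLICY):
        print(f"{finding}: {field}")
```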
Response
Supported Media Types
- application/json
200 Response
Password policy assignment
Nested Schema : assignmentRule
Type:
object
-
idStoreRef(optional):
string
The identity store reference ID to which the current password policy is assigned.
-
passwordPolicyID(optional):
string
This must match the password policy specified in the passwordPolicyInfo id.
-
priority(optional):
integer
The priority for this password policy assignment. The policy for the user is ascertained by getting all the assignment rules for the identity store to which the user belongs, sorted using priority. The first applicable password policy is then chosen as the password policy applicable for the user.
-
ruleType(optional):
integer
The ruleType is an integer enumeration that specifies the kind of rule: 1 - none, 2 - group.
-
ruleValue(optional):
string
If the ruleType indicates group, then the ruleValue indicates the group to which the user must belong for the password policy to be applicable.
Nested Schema : passwordPolicyInfo
Type:
object
-
allAtOnce(optional):
boolean
Not supported in OAM. A Boolean value. When true, the client UI will present all challenges in random order each time displayed. When false, the client UI will present one challenge question at a time where the subject MUST respond before the next is displayed.
-
challengePolicy(optional):
integer
Not supported in OAM. A complex attribute that defines policy around challenges. It contains the following sub-attributes. source: An Integer indicating one of the following: 0 - User Defined, 1 - Admin Defined, 2 - User and Admin Defined.
-
challengesEnabled(optional):
boolean
Always false in OAM. A Boolean value indicating challenges MAY be used during authentication. Not supported: none of the challenge question/answer related policy elements are supported, since OAM does not support user challenge questions/answers.
-
defaultQuestions(optional):
string
Not supported in OAM. A Multi-valued String attribute that contains one or more default questions a subject may use when setting their challenge questions.
-
desc(optional):
string
A String that describes the current policy. Typically used for informational purposes (e.g. to display to a user).
-
dictionaryLocation(optional):
string
A Reference value containing the URI of a dictionary of words not allowed to appear within a password value.
-
disallowedChars(optional):
string
A String value whose contents indicates a set of characters that SHALL NOT appear, in any sequence, in a password value.
-
disallowedSubStrings(optional):
string
A Multi-valued String indicating a set of Strings that SHALL NOT appear within a password value.
-
expiresAfterDays(optional):
integer
An Integer indicating the number of days after which a password reset is required.
-
firstNameDisallowed(optional):
boolean
A Boolean indicating a sequence of characters matching the resource's "name.givenName" SHALL NOT be included in the password.
-
id(optional):
string
Unique identifier representing a specific password policy.
-
lastNameDisallowed(optional):
boolean
A Boolean indicating a sequence of characters matching the resource's "name.familyName" SHALL NOT be included in the password.
-
lockOutDuration(optional):
integer
An Integer indicating the number of minutes an account will be locked after maxIncorrectAttempts is exceeded.
-
maxIncorrectAttempts(optional):
integer
An Integer representing the maximum number of failed logins before an account is locked.
-
maxIncorrectChallengesAttempts(optional):
integer
Not supported in OAM. An Integer indicating the maximum number of failed reset password attempts using challenges. If any challenges are wrong in a reset attempt, the user's resetAttempts counter will be incremented by 1. If resetAttempts is greater than maxIncorrectAttempts, the subject's account will be locked with a locked.reason value.
-
maxLength(optional):
integer
An Integer indicating the maximum password length (in characters). A value of 0 or no value SHALL indicate no maximum length restriction.
-
maxRepeatedChars(optional):
integer
An Integer indicating the maximum number of repeated characters in a password. A value of 0 or no value SHALL indicate no restriction.
-
maxSpecialChars(optional):
integer
An Integer indicating the maximum number of special characters in a password. A value of 0 or no value SHALL indicate no maximum length restriction.
-
minAlphaNumerals(optional):
integer
An Integer indicating the minimum number of alphabetic or numeric characters in a password. A value of 0 or no value SHALL indicate no minimum length restriction.
-
minAlphas(optional):
integer
An Integer indicating the minimum number of alphabetic characters in a password. A value of 0 or no value SHALL indicate no minimum length restriction.
-
minAnswerCount(optional):
integer
Not supported in OAM. An Integer indicating the minimum number of challenge answers a subject MUST answer when attempting to reset their password via forgot password request.
-
minLength(optional):
integer
An Integer indicating the minimum password length (in characters). A value of 0 or no value SHALL indicate no minimum length restriction.
-
minLowerCase(optional):
integer
An Integer indicating the minimum number of lower-case alphabetic characters in a password. A value of 0 or no value SHALL indicate no minimum length restriction.
-
minNumerals(optional):
integer
An Integer indicating the minimum number of numeric characters in a password. A value of 0 or no value SHALL indicate no minimum length restriction.
-
minPasswordAgeInDays(optional):
integer
An Integer indicating the minimum age in days before the password can be changed.
-
minQuestionCount(optional):
integer
Not supported in OAM. An Integer indicating the minimum number of challenge questions a subject MUST answer when setting challenge question answers. A value of 0 or no value indicates no minimum.
-
minResponseLength(optional):
integer
Not supported in OAM. An Integer indicating the minimum number of characters in a challenge response. No value or a value of 0 indicates no minimum length (effectively 1).
-
minSpecialChars(optional):
integer
An Integer indicating the minimum number of special characters in a password. A value of 0 or no value SHALL indicate no minimum length restriction.
-
minUnicodeChars(optional):
integer
An Integer indicating the minimum number of Unicode characters in a password.
-
minUniqueChars(optional):
integer
An Integer indicating the minimum number of unique characters in a password. A value of 0 or no value SHALL indicate no minimum restriction.
-
minUpperCase(optional):
integer
An Integer indicating the minimum number of upper-case alphabetic characters in a password. A value of 0 or no value SHALL indicate no minimum length restriction.
-
name(optional):
string
A String that is the name of the policy. Typically used for informational purposes (e.g. to display to the user).
-
passwordHistorySize(optional):
integer
An Integer indicating the number of passwords that will be kept in history that may not be used as a password.
-
requiredChars(optional):
string
A String value whose contents indicates a set of characters that MUST appear, in any sequence, in a password value.
-
startsWithAlpha(optional):
boolean
A Boolean indicating that the password MUST begin with an alphabetic character.
-
userNameDisallowed(optional):
boolean
A Boolean indicating a sequence of characters matching the resource's "userName" SHALL NOT be included in the password.
-
warningAfterDays(optional):
integer
An Integer indicating the number of days after which a password reset warning will be issued.
401 Response
Unauthorized
404 Response
Requested entity not found
500 Response
Internal Server Error