Validate Password

A password policy consists of a list of rules that new passwords must follow to be policy compliant. A password can be checked for compliancy via this end point.

More information on password policies in Camunda can be found in the password policy user guide and in the security instructions.

Method

POST /identity/password-policy

Result

The response contains a JSON object corresponding to the CheckPasswordAgainstPolicyResult interface in the engine. Its properties are as follows:

Name Value Description
valid Boolean true if the password is compliant with the policy, otherwise false
rules Array A JSON array of password policy rules. Each element of the array is a JSON object representing one rule of the policy.
Name Value Description
placeholder String A placeholder string that can be used to display an internationalized message to the user.
parameters Object A map of parameters that can be used to display a parameterized message to the user.
valid Boolean true if the password is compliant with this rule, otherwise false

Response Codes

Code Media Type Description
200 Request successful.
404 application/json No password policy was found to check the password against.

Example

This example uses the default password policy that enforces a minimum password length and some complexity rules. The checked password is myPassword which is not complex enough to match all of the policy rules.

Request

POST /identity/password-policy

Request Body:

{
  "password": "myPassword"
}

Response

{
    "rules": [
        {
            "placeholder": "PASSWORD_POLICY_LOWERCASE",
            "parameters": {"minLowerCase": "1"},
            "valid": true
        },
        {
            "placeholder": "PASSWORD_POLICY_LENGTH",
            "parameters": {"minLength": "10"},
            "valid": false
        },
        {
            "placeholder": PASSWORD_POLICY_UPPERCASE",
            "parameters": {"minUpperCase": "1"},
            "valid": false
        },
        {
            "placeholder": "PASSWORD_POLICY_DIGIT",
            "parameters": {"minDigit": "1"},
            "valid": false
        },
        {
            "placeholder": "PASSWORD_POLICY_SPECIAL",
            "parameters": {"minSpecial": "1"},
            "valid": false
        }
    ],
    "valid": false
}

On this Page: