Validate Password

A password policy consists of a list of rules that new passwords must follow to be policy compliant. A password can be checked for compliancy via this end point.

More information on password policies in Camunda can be found in the password policy user guide and in the security instructions.

Method

POST /identity/password-policy

Parameters

Request Body

A JSON object with the following properties:

Name Type Description
password String The candidate password to be check against the password policy.
profile Object A JSON object containing variable key-value pairs.
The object can contain the following properties: id (String), firstName (String), lastName (String) and email (String).

Result

The response contains a JSON object corresponding to the PasswordPolicyResult interface in the engine. Its properties are as follows:

Name Value Description
valid Boolean true if the password is compliant with the policy, otherwise false
rules Array A JSON array of password policy rules. Each element of the array is a JSON object representing one rule of the policy.
Name Value Description
placeholder String A placeholder string that can be used to display an internationalized message to the user.
parameters Object A map of parameters that can be used to display a parameterized message to the user.
valid Boolean true if the password is compliant with this rule, otherwise false

Response Codes

Code Media Type Description
200 Request successful.
404 application/json No password policy was found to check the password against.

Example

This example uses the built-in password policy that enforces a minimum password length, and some complexity rules. The checked password is myPassword which is not complex enough to match all of the policy rules.

Request

POST /identity/password-policy

Request Body:

{
   "password": "myPassword",
   "profile": {
      "id": "jonny1",
      "firstName": "John",
      "lastName": "Doe",
      "email": "jonny@camunda.org"
   }
}

Response

{
    "rules": [
        {
           "placeholder": "PASSWORD_POLICY_USER_DATA",
           "parameter": null,
           "valid": true
        },
        {
            "placeholder": "PASSWORD_POLICY_LOWERCASE",
            "parameter": {"minLowerCase": "1"},
            "valid": true
        },
        {
            "placeholder": "PASSWORD_POLICY_LENGTH",
            "parameter": {"minLength": "10"},
            "valid": false
        },
        {
            "placeholder": PASSWORD_POLICY_UPPERCASE",
            "parameter": {"minUpperCase": "1"},
            "valid": false
        },
        {
            "placeholder": "PASSWORD_POLICY_DIGIT",
            "parameter": {"minDigit": "1"},
            "valid": false
        },
        {
            "placeholder": "PASSWORD_POLICY_SPECIAL",
            "parameter": {"minSpecial": "1"},
            "valid": false
        }
    ],
    "valid": false
}

On this Page: