Update Password Policy
PUT {{apiPath}}/environments/{{envID}}/passwordPolicies/{{passwordPolicyID}}You can update the password policy for the specified environment by changing the values of its properties. The PUT {{apiPath}}/environments/{{envID}}/passwordPolicies/{{passwordPolicyID}} operation updates the password policy specified by the password policy ID in the request URL. The request body specifies values for the properties associated with the password policy.
Prerequisites
-
Refer to Password Policies for important overview information.
Request Model
Refer to the Password policies data model for full property descriptions.
| Property | Type | Required? |
|---|---|---|
|
Boolean |
Optional |
|
Boolean |
Required |
|
String |
Optional |
|
Boolean |
Required |
|
Boolean |
Required |
|
Integer |
Optional |
|
Integer |
Optional |
|
Integer |
Optional |
|
Integer |
Optional |
|
Integer |
Optional |
|
Integer |
Optional |
|
Integer |
Optional |
|
Integer |
Optional |
|
Integer |
Optional |
|
String[] |
Optional |
|
Integer |
Optional |
|
Integer |
Optional |
|
String |
Required |
|
Boolean |
Required |
The following password requirements property values cannot be modified at this time, but they can be excluded from the request to turn the requirement off.
| Password requirement | Fixed value | Can be excluded |
|---|---|---|
|
255 |
Yes |
|
8 |
Yes |
|
2 |
Yes |
|
abcdefghijklmnopqrstuvwxyz": 1, |
Yes |
|
7 |
Yes |
|
5 |
Yes |
The following password requirements property values can be modified, and they can be excluded from the request to turn the requirement off.
| Password requirement | Default value | Can be excluded |
|---|---|---|
|
182 |
Yes |
|
1 |
Yes |
The minimum value for maxAgeDays is minAgeDays + 21 (the expiration warning interval).
The following password policy rules can be changed to any positive integer, and these properties can be excluded from the request to turn the requirement off. If history is included, both values, count and retentionDays, must be defined. Likewise, if lockout is included, both values, failureCount and durationSeconds, must be defined.
| Password policy rule | Default value | Can be excluded |
|---|---|---|
|
6 |
Yes |
|
365 |
Yes |
|
900 |
Yes |
|
5 |
Yes |
Password attributes with boolean values such as default, excludesProfileData, notSimilarToCurrent, and excludesCommonlyUsed are required. The rule can be turned on or off by changing the value.
The sample request provided changes the custom policy, PassphraseCustom1, (refer to Create Password Policy) password policy by setting the history.count property value to 6 and the lockout.failureCount property value to 4.
Body
raw ( application/json )
{
"name": "PassphraseCustom1",
"description": "A policy that encourages the use of passphrases",
"excludesProfileData": true,
"notSimilarToCurrent": true,
"excludesCommonlyUsed": true,
"minComplexity": 7,
"maxAgeDays": 182,
"minAgeDays": 1,
"history": {
"count": 6,
"retentionDays": 365
},
"lockout": {
"failureCount": 4,
"durationSeconds": 900
},
"default": false
}Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff --request PUT '{{apiPath}}/environments/{{envID}}/passwordPolicies/{{passwordPolicyID}}' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
"name": "PassphraseCustom1",
"description": "A policy that encourages the use of passphrases",
"excludesProfileData": true,
"notSimilarToCurrent": true,
"excludesCommonlyUsed": true,
"minComplexity": 7,
"maxAgeDays": 182,
"minAgeDays": 1,
"history": {
"count": 6,
"retentionDays": 365
},
"lockout": {
"failureCount": 4,
"durationSeconds": 900
},
"default": false
}'var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/passwordPolicies/{{passwordPolicyID}}")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Put);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@" ""name"": ""PassphraseCustom1""," + "\n" +
@" ""description"": ""A policy that encourages the use of passphrases""," + "\n" +
@" ""excludesProfileData"": true," + "\n" +
@" ""notSimilarToCurrent"": true," + "\n" +
@" ""excludesCommonlyUsed"": true," + "\n" +
@" ""minComplexity"": 7," + "\n" +
@" ""maxAgeDays"": 182," + "\n" +
@" ""minAgeDays"": 1," + "\n" +
@" ""history"": {" + "\n" +
@" ""count"": 6," + "\n" +
@" ""retentionDays"": 365" + "\n" +
@" }," + "\n" +
@" ""lockout"": {" + "\n" +
@" ""failureCount"": 4," + "\n" +
@" ""durationSeconds"": 900" + "\n" +
@" }," + "\n" +
@" ""default"": false" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/environments/{{envID}}/passwordPolicies/{{passwordPolicyID}}"
method := "PUT"
payload := strings.NewReader(`{
"name": "PassphraseCustom1",
"description": "A policy that encourages the use of passphrases",
"excludesProfileData": true,
"notSimilarToCurrent": true,
"excludesCommonlyUsed": true,
"minComplexity": 7,
"maxAgeDays": 182,
"minAgeDays": 1,
"history": {
"count": 6,
"retentionDays": 365
},
"lockout": {
"failureCount": 4,
"durationSeconds": 900
},
"default": false
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Bearer {{accessToken}}")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}PUT /environments/{{envID}}/passwordPolicies/{{passwordPolicyID}} HTTP/1.1
Host: {{apiPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}
{
"name": "PassphraseCustom1",
"description": "A policy that encourages the use of passphrases",
"excludesProfileData": true,
"notSimilarToCurrent": true,
"excludesCommonlyUsed": true,
"minComplexity": 7,
"maxAgeDays": 182,
"minAgeDays": 1,
"history": {
"count": 6,
"retentionDays": 365
},
"lockout": {
"failureCount": 4,
"durationSeconds": 900
},
"default": false
}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n \"name\": \"PassphraseCustom1\",\n \"description\": \"A policy that encourages the use of passphrases\",\n \"excludesProfileData\": true,\n \"notSimilarToCurrent\": true,\n \"excludesCommonlyUsed\": true,\n \"minComplexity\": 7,\n \"maxAgeDays\": 182,\n \"minAgeDays\": 1,\n \"history\": {\n \"count\": 6,\n \"retentionDays\": 365\n },\n \"lockout\": {\n \"failureCount\": 4,\n \"durationSeconds\": 900\n },\n \"default\": false\n}");
Request request = new Request.Builder()
.url("{{apiPath}}/environments/{{envID}}/passwordPolicies/{{passwordPolicyID}}")
.method("PUT", body)
.addHeader("Content-Type", "application/json")
.addHeader("Authorization", "Bearer {{accessToken}}")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/environments/{{envID}}/passwordPolicies/{{passwordPolicyID}}",
"method": "PUT",
"timeout": 0,
"headers": {
"Content-Type": "application/json",
"Authorization": "Bearer {{accessToken}}"
},
"data": JSON.stringify({
"name": "PassphraseCustom1",
"description": "A policy that encourages the use of passphrases",
"excludesProfileData": true,
"notSimilarToCurrent": true,
"excludesCommonlyUsed": true,
"minComplexity": 7,
"maxAgeDays": 182,
"minAgeDays": 1,
"history": {
"count": 6,
"retentionDays": 365
},
"lockout": {
"failureCount": 4,
"durationSeconds": 900
},
"default": false
}),
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'PUT',
'url': '{{apiPath}}/environments/{{envID}}/passwordPolicies/{{passwordPolicyID}}',
'headers': {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
},
body: JSON.stringify({
"name": "PassphraseCustom1",
"description": "A policy that encourages the use of passphrases",
"excludesProfileData": true,
"notSimilarToCurrent": true,
"excludesCommonlyUsed": true,
"minComplexity": 7,
"maxAgeDays": 182,
"minAgeDays": 1,
"history": {
"count": 6,
"retentionDays": 365
},
"lockout": {
"failureCount": 4,
"durationSeconds": 900
},
"default": false
})
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
import json
url = "{{apiPath}}/environments/{{envID}}/passwordPolicies/{{passwordPolicyID}}"
payload = json.dumps({
"name": "PassphraseCustom1",
"description": "A policy that encourages the use of passphrases",
"excludesProfileData": True,
"notSimilarToCurrent": True,
"excludesCommonlyUsed": True,
"minComplexity": 7,
"maxAgeDays": 182,
"minAgeDays": 1,
"history": {
"count": 6,
"retentionDays": 365
},
"lockout": {
"failureCount": 4,
"durationSeconds": 900
},
"default": False
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
}
response = requests.request("PUT", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/passwordPolicies/{{passwordPolicyID}}');
$request->setMethod(HTTP_Request2::METHOD_PUT);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Content-Type' => 'application/json',
'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n "name": "PassphraseCustom1",\n "description": "A policy that encourages the use of passphrases",\n "excludesProfileData": true,\n "notSimilarToCurrent": true,\n "excludesCommonlyUsed": true,\n "minComplexity": 7,\n "maxAgeDays": 182,\n "minAgeDays": 1,\n "history": {\n "count": 6,\n "retentionDays": 365\n },\n "lockout": {\n "failureCount": 4,\n "durationSeconds": 900\n },\n "default": false\n}');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "json"
require "net/http"
url = URI("{{apiPath}}/environments/{{envID}}/passwordPolicies/{{passwordPolicyID}}")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Put.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
"name": "PassphraseCustom1",
"description": "A policy that encourages the use of passphrases",
"excludesProfileData": true,
"notSimilarToCurrent": true,
"excludesCommonlyUsed": true,
"minComplexity": 7,
"maxAgeDays": 182,
"minAgeDays": 1,
"history": {
"count": 6,
"retentionDays": 365
},
"lockout": {
"failureCount": 4,
"durationSeconds": 900
},
"default": false
})
response = http.request(request)
puts response.read_bodylet parameters = "{\n \"name\": \"PassphraseCustom1\",\n \"description\": \"A policy that encourages the use of passphrases\",\n \"excludesProfileData\": true,\n \"notSimilarToCurrent\": true,\n \"excludesCommonlyUsed\": true,\n \"minComplexity\": 7,\n \"maxAgeDays\": 182,\n \"minAgeDays\": 1,\n \"history\": {\n \"count\": 6,\n \"retentionDays\": 365\n },\n \"lockout\": {\n \"failureCount\": 4,\n \"durationSeconds\": 900\n },\n \"default\": false\n}"
let postData = parameters.data(using: .utf8)
var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/passwordPolicies/{{passwordPolicyID}}")!,timeoutInterval: Double.infinity)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")
request.httpMethod = "PUT"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
200 OK
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/passwordPolicies/0604f534-a757-4cc7-acc0-045b115d10b7"
},
"environment": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
}
},
"id": "0604f534-a757-4cc7-acc0-045b115d10b7",
"environment": {
"id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"name": "PassphraseCustom1",
"description": "A policy that encourages the use of passphrases",
"excludesProfileData": true,
"notSimilarToCurrent": true,
"excludesCommonlyUsed": true,
"minComplexity": 7,
"maxAgeDays": 182,
"minAgeDays": 1,
"history": {
"count": 6,
"retentionDays": 365
},
"lockout": {
"failureCount": 4,
"durationSeconds": 900
},
"populationCount": 0,
"default": false
}