Create Password Org Config
POSThttps://sailpoint.api.identitynow.com/v2025/password-org-config
This API creates the password org config. Unspecified fields will use default value.
To be able to use the custom password instructions, you must set the customInstructionsEnabled
field to "true".
Requires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:write'
Request
- application/json
Bodyrequired
Indicator whether custom password instructions feature is enabled. The default value is false.
false
true
Indicator whether "digit token" feature is enabled. The default value is false.
false
true
The duration of "digit token" in minutes. The default value is 5.
Possible values: >= 1
and <= 60
5
10
The length of "digit token". The default value is 6.
Possible values: >= 6
and <= 18
6
9
Responses
- 200
- 400
- 401
- 403
- 429
- 500
Reference to the password org config.
- application/json
- Schema
- Example (auto)
- Example
Schema
Indicator whether custom password instructions feature is enabled. The default value is false.
false
true
Indicator whether "digit token" feature is enabled. The default value is false.
false
true
The duration of "digit token" in minutes. The default value is 5.
Possible values: >= 1
and <= 60
5
10
The length of "digit token". The default value is 6.
Possible values: >= 6
and <= 18
6
9
{
"customInstructionsEnabled": true,
"digitTokenEnabled": true,
"digitTokenDurationMinutes": 10,
"digitTokenLength": 9
}
{
"customInstructionsEnabled": true,
"digitTokenDurationMinutes": 9,
"digitTokenEnabled": true,
"digitTokenLength": 12
}
Client Error - Returned if the request body is invalid.
- application/json
- Schema
- Example (auto)
Schema
Fine-grained error code providing more detail of the error.
400.1 Bad Request Content
Unique tracking id for the error.
e7eab60924f64aa284175b9fa3309599
messages object[]
causes object[]
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
- application/json
- Schema
- Example (auto)
Schema
A message describing the error
JWT validation failed: JWT is expired
{
"error": "JWT validation failed: JWT is expired"
}
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
- application/json
- Schema
- Example (auto)
- 403
Schema
Fine-grained error code providing more detail of the error.
400.1 Bad Request Content
Unique tracking id for the error.
e7eab60924f64aa284175b9fa3309599
messages object[]
causes object[]
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 403 response object
{
"detailCode": "403 Forbidden",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The server understood the request but refuses to authorize it."
}
]
}
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
- application/json
- Schema
- Example (auto)
Schema
A message describing the error
Rate Limit Exceeded
{
"message": " Rate Limit Exceeded "
}
Internal Server Error - Returned if there is an unexpected error.
- application/json
- Schema
- Example (auto)
- 500
Schema
Fine-grained error code providing more detail of the error.
400.1 Bad Request Content
Unique tracking id for the error.
e7eab60924f64aa284175b9fa3309599
messages object[]
causes object[]
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 500 response object
{
"detailCode": "500.0 Internal Fault",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "An internal fault occurred."
}
]
}
Authorization: oauth2
type: Personal Access Tokenscopes: idn:password-org-config:write
- go
- powershellSailPoint SDK
- pythonSailPoint SDK
- csharp
- curl
- dart
- http
- java
- javascript
- kotlin
- c
- nodejs
- objective-c
- ocaml
- php
- r
- ruby
- rust
- shell
- swift
- NATIVE
package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://sailpoint.api.identitynow.com/v2025/password-org-config"
method := "POST"
payload := strings.NewReader(`{
"customInstructionsEnabled": true,
"digitTokenEnabled": true,
"digitTokenDurationMinutes": 10,
"digitTokenLength": 9
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Accept", "application/json")
req.Header.Add("Authorization", "Bearer <TOKEN>")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}