Create Password Policy

POST 
https://sailpoint.api.identitynow.com/v3/password-policies

This API creates the specified password policy.

Request

application/json

Bodyrequired

idstring
The password policy Id.
Example: 2c91808e7d976f3b017d9f5ceae440c8
descriptionstringnullable
Description for current password policy.
Example: Information about the Password Policy
namestring
The name of the password policy.
Example: PasswordPolicy Example
dateCreateddate-time
Date the Password Policy was created.
Example: 1639056206564
lastUpdateddate-timenullable
Date the Password Policy was updated.
Example: 1939056206564
firstExpirationReminderint64
The number of days before expiration remaninder.
Example: 45
accountIdMinWordLengthint64
The minimun length of account Id. By default is equals to -1.
Example: 4
accountNameMinWordLengthint64
The minimun length of account name. By default is equals to -1.
Example: 6
minAlphaint64
Maximum alpha. By default is equals to 0.
Example: 5
minCharacterTypesint64
MinCharacterTypes. By default is equals to -1.
Example: 5
maxLengthint64
Maximum length of the password.
Example: 25
minLengthint64
Minimum length of the password. By default is equals to 0.
Example: 8
maxRepeatedCharsint64
Maximum repetition of the same character in the password. By default is equals to -1.
Example: 3
minLowerint64
Minimum amount of lower case character in the password. By default is equals to 0.
Example: 8
minNumericint64
Minimum amount of numeric characters in the password. By default is equals to 0.
Example: 8
minSpecialint64
Minimum amount of special symbols in the password. By default is equals to 0.
Example: 8
minUpperint64
Minimum amount of upper case symbols in the password. By default is equals to 0.
Example: 8
passwordExpirationint64
Number of days before current password expires. By default is equals to 90.
Example: 8
defaultPolicyboolean
Defines whether this policy is default or not. Default policy is created automatically when an org is setup. This field is false by default.
Default value: false
Example: true
enablePasswdExpirationboolean
Defines whether this policy is enabled to expire or not. This field is false by default.
Default value: false
Example: true
requireStrongAuthnboolean
Defines whether this policy require strong Auth or not. This field is false by default.
Default value: false
Example: true
requireStrongAuthOffNetworkboolean
Defines whether this policy require strong Auth of network or not. This field is false by default.
Default value: false
Example: true
requireStrongAuthUntrustedGeographiesboolean
Defines whether this policy require strong Auth for untrusted geographies. This field is false by default.
Default value: false
Example: true
useAccountAttributesboolean
Defines whether this policy uses account attributes or not. This field is false by default.
Default value: false
Example: false
useDictionaryboolean
Defines whether this policy uses dictionary or not. This field is false by default.
Default value: false
Example: false
useIdentityAttributesboolean
Defines whether this policy uses identity attributes or not. This field is false by default.
Default value: false
Example: false
validateAgainstAccountIdboolean
Defines whether this policy validate against account id or not. This field is false by default.
Default value: false
Example: false
validateAgainstAccountNameboolean
Defines whether this policy validate against account name or not. This field is false by default.
Default value: false
Example: true
createdstringnullable
modifiedstringnullable
sourceIdsstring[]
List of sources IDs managed by this password policy.
Example: ["2c91808382ffee0b01830de154f14034","2f98808382ffee0b01830de154f12134"]

Responses

200

Reference to the password policy.

application/json

Schema

Schema

idstring
The password policy Id.
Example: 2c91808e7d976f3b017d9f5ceae440c8
descriptionstringnullable
Description for current password policy.
Example: Information about the Password Policy
namestring
The name of the password policy.
Example: PasswordPolicy Example
dateCreateddate-time
Date the Password Policy was created.
Example: 1639056206564
lastUpdateddate-timenullable
Date the Password Policy was updated.
Example: 1939056206564
firstExpirationReminderint64
The number of days before expiration remaninder.
Example: 45
accountIdMinWordLengthint64
The minimun length of account Id. By default is equals to -1.
Example: 4
accountNameMinWordLengthint64
The minimun length of account name. By default is equals to -1.
Example: 6
minAlphaint64
Maximum alpha. By default is equals to 0.
Example: 5
minCharacterTypesint64
MinCharacterTypes. By default is equals to -1.
Example: 5
maxLengthint64
Maximum length of the password.
Example: 25
minLengthint64
Minimum length of the password. By default is equals to 0.
Example: 8
maxRepeatedCharsint64
Maximum repetition of the same character in the password. By default is equals to -1.
Example: 3
minLowerint64
Minimum amount of lower case character in the password. By default is equals to 0.
Example: 8
minNumericint64
Minimum amount of numeric characters in the password. By default is equals to 0.
Example: 8
minSpecialint64
Minimum amount of special symbols in the password. By default is equals to 0.
Example: 8
minUpperint64
Minimum amount of upper case symbols in the password. By default is equals to 0.
Example: 8
passwordExpirationint64
Number of days before current password expires. By default is equals to 90.
Example: 8
defaultPolicyboolean
Defines whether this policy is default or not. Default policy is created automatically when an org is setup. This field is false by default.
Default value: false
Example: true
enablePasswdExpirationboolean
Defines whether this policy is enabled to expire or not. This field is false by default.
Default value: false
Example: true
requireStrongAuthnboolean
Defines whether this policy require strong Auth or not. This field is false by default.
Default value: false
Example: true
requireStrongAuthOffNetworkboolean
Defines whether this policy require strong Auth of network or not. This field is false by default.
Default value: false
Example: true
requireStrongAuthUntrustedGeographiesboolean
Defines whether this policy require strong Auth for untrusted geographies. This field is false by default.
Default value: false
Example: true
useAccountAttributesboolean
Defines whether this policy uses account attributes or not. This field is false by default.
Default value: false
Example: false
useDictionaryboolean
Defines whether this policy uses dictionary or not. This field is false by default.
Default value: false
Example: false
useIdentityAttributesboolean
Defines whether this policy uses identity attributes or not. This field is false by default.
Default value: false
Example: false
validateAgainstAccountIdboolean
Defines whether this policy validate against account id or not. This field is false by default.
Default value: false
Example: false
validateAgainstAccountNameboolean
Defines whether this policy validate against account name or not. This field is false by default.
Default value: false
Example: true
createdstringnullable
modifiedstringnullable
sourceIdsstring[]
List of sources IDs managed by this password policy.
Example: ["2c91808382ffee0b01830de154f14034","2f98808382ffee0b01830de154f12134"]

Example (auto)

{
  "id": "2c91808e7d976f3b017d9f5ceae440c8",
  "description": "Information about the Password Policy",
  "name": "PasswordPolicy Example",
  "dateCreated": 1639056206564,
  "lastUpdated": 1939056206564,
  "firstExpirationReminder": 45,
  "accountIdMinWordLength": 4,
  "accountNameMinWordLength": 6,
  "minAlpha": 5,
  "minCharacterTypes": 5,
  "maxLength": 25,
  "minLength": 8,
  "maxRepeatedChars": 3,
  "minLower": 8,
  "minNumeric": 8,
  "minSpecial": 8,
  "minUpper": 8,
  "passwordExpiration": 8,
  "defaultPolicy": true,
  "enablePasswdExpiration": true,
  "requireStrongAuthn": true,
  "requireStrongAuthOffNetwork": true,
  "requireStrongAuthUntrustedGeographies": true,
  "useAccountAttributes": false,
  "useDictionary": false,
  "useIdentityAttributes": false,
  "validateAgainstAccountId": false,
  "validateAgainstAccountName": true,
  "created": "string",
  "modified": "string",
  "sourceIds": [
    "2c91808382ffee0b01830de154f14034",
    "2f98808382ffee0b01830de154f12134"
  ]
}

400

Client Error - Returned if the request body is invalid.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

401

Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.

application/json

Schema

Schema

error
A message describing the error
Example: JWT validation failed: JWT is expired

Example (auto)

{
  "error": "JWT validation failed: JWT is expired"
}

403

Forbidden - Returned if the user you are running as, doesn't have access to this end-point.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

403

An example of a 403 response object

{
  "detailCode": "403 Forbidden",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server understood the request but refuses to authorize it."
    }
  ]
}

404

Not Found - returned if the request URL refers to a resource or object that does not exist

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

404

An example of a 404 response object

{
  "detailCode": "404 Not found",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server did not find a current representation for the target resource."
    }
  ]
}

429

Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.

application/json

Schema

Schema

message
A message describing the error
Example: Rate Limit Exceeded

Example (auto)

{
  "message": " Rate Limit Exceeded "
}

500

Internal Server Error - Returned if there is an unexpected error.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

500

An example of a 500 response object

{
  "detailCode": "500.0 Internal Fault",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "An internal fault occurred."
    }
  ]
}

Authorization: oauth2

type: Personal Access Token
scopes: idn:password-policy:write
user levels: ORG_ADMIN

• go
• powershell
  SailPoint SDK
• python
  SailPoint SDK
• csharp
• curl
• dart
• http
• java
• javascript
• kotlin
• c
• nodejs
• objective-c
• ocaml
• php
• r
• ruby
• rust
• shell
• swift

• NATIVE

package main

import (
  "fmt"
  "strings"
  "net/http"
  "io"
)

func main() {

  url := "https://sailpoint.api.identitynow.com/v3/password-policies"
  method := "POST"

  payload := strings.NewReader(`{
  "id": "2c91808e7d976f3b017d9f5ceae440c8",
  "description": "Information about the Password Policy",
  "name": "PasswordPolicy Example",
  "dateCreated": 1639056206564,
  "lastUpdated": 1939056206564,
  "firstExpirationReminder": 45,
  "accountIdMinWordLength": 4,
  "accountNameMinWordLength": 6,
  "minAlpha": 5,
  "minCharacterTypes": 5,
  "maxLength": 25,
  "minLength": 8,
  "maxRepeatedChars": 3,
  "minLower": 8,
  "minNumeric": 8,
  "minSpecial": 8,
  "minUpper": 8,
  "passwordExpiration": 8,
  "defaultPolicy": true,
  "enablePasswdExpiration": true,
  "requireStrongAuthn": true,
  "requireStrongAuthOffNetwork": true,
  "requireStrongAuthUntrustedGeographies": true,
  "useAccountAttributes": false,
  "useDictionary": false,
  "useIdentityAttributes": false,
  "validateAgainstAccountId": false,
  "validateAgainstAccountName": true,
  "created": "string",
  "modified": "string",
  "sourceIds": [
    "2c91808382ffee0b01830de154f14034",
    "2f98808382ffee0b01830de154f12134"
  ]
}`)

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("Accept", "application/json")
  req.Header.Add("Authorization", "Bearer <TOKEN>")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}

Request Collapse all

Base URL

https://sailpoint.api.identitynow.com/v3

Auth

Bearer Token

Body required

• Example (from schema)
• Example

{
  "id": "2c91808e7d976f3b017d9f5ceae440c8",
  "description": "Information about the Password Policy",
  "name": "PasswordPolicy Example",
  "dateCreated": 1639056206564,
  "lastUpdated": 1939056206564,
  "firstExpirationReminder": 45,
  "accountIdMinWordLength": 4,
  "accountNameMinWordLength": 6,
  "minAlpha": 5,
  "minCharacterTypes": 5,
  "maxLength": 25,
  "minLength": 8,
  "maxRepeatedChars": 3,
  "minLower": 8,
  "minNumeric": 8,
  "minSpecial": 8,
  "minUpper": 8,
  "passwordExpiration": 8,
  "defaultPolicy": true,
  "enablePasswdExpiration": true,
  "requireStrongAuthn": true,
  "requireStrongAuthOffNetwork": true,
  "requireStrongAuthUntrustedGeographies": true,
  "useAccountAttributes": false,
  "useDictionary": false,
  "useIdentityAttributes": false,
  "validateAgainstAccountId": false,
  "validateAgainstAccountName": true,
  "created": "string",
  "modified": "string",
  "sourceIds": [
    "2c91808382ffee0b01830de154f14034",
    "2f98808382ffee0b01830de154f12134"
  ]
}

ResponseClear

Click the Send API Request button above and see the response here!