POST /identity/password-policy
Validate Password
curl --request POST \
  --url http://{host}:{port}/{contextPath}/identity/password-policy \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '{
  "password": "myPassword",
  "profile": {
    "id": "jonny1",
    "firstName": "John",
    "lastName": "Doe",
    "email": "jonny@camunda.org"
  }
}'

{
  "rules": [
    {
      "placeholder": "PASSWORD_POLICY_USER_DATA",
      "parameter": null,
      "valid": true
    },
    {
      "placeholder": "PASSWORD_POLICY_LOWERCASE",
      "parameter": {
        "minLowerCase": "1"
      },
      "valid": true
    },
    {
      "placeholder": "PASSWORD_POLICY_LENGTH",
      "parameter": {
        "minLength": "10"
      },
      "valid": false
    },
    {
      "placeholder": "PASSWORD_POLICY_UPPERCASE",
      "parameter": {
        "minUpperCase": "1"
      },
      "valid": false
    },
    {
      "placeholder": "PASSWORD_POLICY_DIGIT",
      "parameter": {
        "minDigit": "1"
      },
      "valid": false
    },
    {
      "placeholder": "PASSWORD_POLICY_SPECIAL",
      "parameter": {
        "minSpecial": "1"
      },
      "valid": false
    }
  ],
  "valid": false
}

Authorizations

Authorization
string
header
required

Basic authentication header of the form Basic <encoded-value>, where <encoded-value> is the base64-encoded string username:password.

Body

application/json
password
string | null

The candidate password to be checked against the password policy.

profile
object

Response

Request successful. This example uses the built-in password policy, which enforces a minimum password length and some complexity rules. The checked password is myPassword, which is not complex enough to match all of the policy rules.

valid
boolean | null

true if the password is compliant with the policy, otherwise false.

rules
object[] | null

An array of password policy rules. Each element of the array represents one rule of the policy.
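
A client-side sketch of the request and response described above, added here as an example and not taken from the project's own code. It builds the POST with the Basic header and evaluates the response while treating a null valid or rules field as non-compliant; the names build_request, evaluate and SAMPLE are hypothetical, and the TLS check is this example's own choice.

```python
import base64
import json
import urllib.request

def build_request(base_url, api_user, api_secret, candidate, profile=None):
    """Build the POST for /identity/password-policy without sending it."""
    # The Basic credentials and the candidate password both travel in the
    # request, so this example (its own choice) insists on an https:// URL.
    if not base_url.startswith("https://"):
        raise ValueError("refusing to send credentials over a non-TLS URL")
    token = base64.b64encode(f"{api_user}:{api_secret}".encode()).decode()
    body = {"password": candidate}
    if profile is not None:
        body["profile"] = profile
    return urllib.request.Request(
        base_url.rstrip("/") + "/identity/password-policy",
        data=json.dumps(body).encode(),
        headers={"Authorization": "Basic " + token,
                 "Content-Type": "application/json"},
        method="POST",
    )

def evaluate(response):
    """Return (compliant, failed); failed lists (placeholder, parameter)."""
    rules = response.get("rules") or []   # "rules" is documented as nullable
    failed = [(r.get("placeholder"), r.get("parameter") or {})
              for r in rules if r.get("valid") is not True]
    # Fail closed: only an explicit true with no failing rule is compliant.
    compliant = response.get("valid") is True and not failed
    return compliant, failed

# Constructed sample: the response shown on this page, cut down to three rules.
SAMPLE = json.loads("""
{"rules": [
  {"placeholder": "PASSWORD_POLICY_USER_DATA", "parameter": null, "valid": true},
  {"placeholder": "PASSWORD_POLICY_LENGTH", "parameter": {"minLength": "10"}, "valid": false},
  {"placeholder": "PASSWORD_POLICY_DIGIT", "parameter": {"minDigit": "1"}, "valid": false}],
 "valid": false}
""")

if __name__ == "__main__":
    ok, failed = evaluate(SAMPLE)
    print("compliant:", ok)
    for name, param in failed:
        print("  failed:", name, param)
```

To send the request, pass the object returned by build_request to urllib.request.urlopen and feed the decoded JSON body to evaluate.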