Introduction
Different password policies can be defined for each target system. The policy always consists of a combination of a regex pattern array and a validation text, which in turn is defined as a name key. The name key in turn allows the text to be translated into multiple languages.
Regex-Pattern-Array
The regex pattern array is a list of several regex patterns. This list must be entered in the JSON syntax.
Example multiple conditions:
[ ".{8,32}", "[A-Z]", "[a-z]", "[0-9]" ]
Beispiel einfache Bedingung:
[ ".{8,32}" ]
Validation text
For each regex pattern array a validation text can be defined, which is displayed to the user if one of the patterns does not apply.
Default-Guideline
If no password policy is assigned to a target system, the default policy applies, which has the following conditions defined:
At least one capital letter
At least one lowercase letter
Length between 8 and 32 characters
Regex | Name-Key | Text |
|---|---|---|
| Global.Validation.Password.Uppercase | Please enter at least one capital letter |
| Global.Validation.Password.Lowercase | Please enter at least one lowercase letter |
| Global.Validation.Password.Number | Please enter at least one number |
| Global.Validation.Password.specialcharacter | Please enter at least one special character |
| Global.Validation.Password.8To32Characters | Please enter between 8 and 32 letters |
| Global.Validation.Password.DoesNot10charcacter | Please increase the password length to min. 10 character |
Generate Password Workflow Definition Id
This feature was introduced in version 7.2
Whenever a new password for an identity with the the given password policy has to be generated, you can specify a workflow to override the default behavior. The default behavior calculates the new password that matches the default password policy.
If you have configured a more complex password policy or you want tho check the generated password against an external system, against a customized password black list or any other special use case, use your own workflow. The Generate Random String activity is particularly useful in this case.