We want to implement Multiple Password Rotation integration for Different Account Types.
Current Password Rotation Integration - Standard at Tenant level - 90 days Password Reset
We have the following User Types and would want to apply different password rotation
I see that you were able to find an answer to your solution; I will answer this publicly so we can further help the community.
There is no formal documentation for this case, but you could leverage the following feature.
You can create a Post-Login Action that takes the users and checks if they don’t have the password_reset_date claim.
If they don’t have it, set that claim to null and subtract the creation account date from the present day, transformed in days. Depending on the user, that value should be at least 90, 60, or 365 days in order to create a ticket for resetting the password. After the resetting is finished, fill the password_reset_date with the day of the resetting.
If they have it, subtract the password_reset_date from the present day, transformed in days. Depending on the user, that value should also be at least 90, 60, or 365 days in order to create a ticket for resetting the password. After the resetting is finished, update the password_reset_date with the day of the resetting.
Please note that this is an idea of implementation and you will still need to implement your own custom logic.
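The check described in the answer above, sketched as an added example; it is not code from the original posts or from any vendor. The user-type names, the mapping of each type to 90, 60 or 365 days, the object shape and the function names are all assumptions, and creating the reset ticket and storing the claim are left to the platform.

```javascript
// Added example. Type names and which type gets which interval are
// assumptions; the thread only gives the intervals 90, 60 and 365 days.
const MAX_AGE_DAYS = { standard: 90, privileged: 60, service: 365 };
const DAY_MS = 24 * 60 * 60 * 1000;

// Whole days from an ISO date string to `now`; NaN if the date is unparseable.
function daysSince(isoDate, now) {
  return Math.floor((now.getTime() - new Date(isoDate).getTime()) / DAY_MS);
}

// user: { user_type, created_at, password_reset_date } (constructed shape).
function rotationDecision(user, now = new Date()) {
  // Unknown type: use the strictest interval instead of never rotating.
  const limitDays =
    MAX_AGE_DAYS[user.user_type] ?? Math.min(...Object.values(MAX_AGE_DAYS));

  // No password_reset_date yet: measure from account creation.
  const hasClaim = Boolean(user.password_reset_date);
  const baseline = hasClaim ? 'password_reset_date' : 'created_at';
  const age = daysSince(user[baseline], now);

  // Fail closed: a garbled or future date must not postpone rotation.
  const invalid = Number.isNaN(age) || age < 0;
  return {
    baseline,
    limitDays,
    ageDays: invalid ? null : age,
    resetRequired: invalid || age >= limitDays,
  };
}

// Call only after the reset has completed: record the day of the reset.
function markReset(user, now = new Date()) {
  return { ...user, password_reset_date: now.toISOString().slice(0, 10) };
}
```

In a post-login hook, `resetRequired` is the point at which the reset ticket would be created, and `markReset` corresponds to updating the claim once the reset has finished.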