Password Policy not Honored During Password Change with Management API

travis.evers · October 16, 2024, 4:17pm

Overview

This article explains why using the Management API to update a password does not honor the password policy when using the PATCH /API/v2/users endpoint.

Applies To

Management API
Password Policy
Password Change

Solution

This is by design. Password policies will not be enforced when users change their passwords with the PATCH /API/v2/users endpoint.

Password policies are only enforced when using the Universal Login’s Password Reset Flow. See Trigger an interactive password reset flow for details on this process.

Topic		Replies	Views
Does the Post-Change-Password Action Execute when Updating Passwords with the Management API? Knowledge Articles	1	535	October 19, 2023
Will user password update check if new password complies with password rules? Help management-api , change-password	5	4212	March 2, 2018
Changing password/email via Management API forced the user to relogin Help management-api , change-password	2	2927	March 30, 2020
Update password after login Help change-password	2	2532	September 15, 2021
Is there any endpoint that checks if I can use the new password before updating the user's password? Help management-api , users	6	1303	October 10, 2023

Password Policy not Honored During Password Change with Management API

Overview

Applies To

Solution

Related Topics