The APIs described in this doc are designed to:
- Create, edit, and delete a password policy
- Set a variety of parameters to define the policy
- Associate it with one or more sources
IMPORTANT: These APIs are being deprecated in favor of the IdentityNow Platform APIs. While these APIs will continue to be available for the foreseeable future, SailPoint recommends that you transition to the new versions as soon as possible. For detailed information about all new platform APIs, visit the SailPoint API Reference.
Working with Password Policies
This document covers the following tasks:
- Create a Password Policy
- Associate a Password Policy with a Source
- View a List of Password Policies
- View a Password Policy
- Delete a Password Policy
- Update a Password Policy
Prerequisites:
- Sign in to the org as an administrator. Click Admin and strong authenticate.
- Get the source ID
- Open your preferred tool for making API calls
NOTE: If you're making these API calls, you'll need to use on of our supported authentication methods. As a best practice SailPoint recommends using OAuth 2. Also, the endpoint you use must be changed slightly based on the authentication method. For details, see the Authentication section of the Developer portal documentation.
Create a Password Policy
When you create a password policy, name is the only required parameter.
Complete the following steps:
|
1. Make the following call: POST <org>/api/passwordPolicy/create with the required parameter name which names the password policy. |
|
|
2. Provide values for any of the following optional parameters:
|
|
NOTES:
|
|
|
You should see results similar to the image on the right.
3. Make note of the id. |
 |
Associate a Password Policy with a Source
After you create a password policy, you must associate it with a source.
Complete the following steps:
|
Make the following call:
POST <org>/api/source/update/<source_ID> with the required parameter of passwordPolicy which indicates the ID of the password policy you want to use.
You should results similar to the image on the right
NOTE: To apply the password policy to an app you must also enable Password Management on the source in the IdentityNow user interface. Furthermore, you must set Account Source to either Specific Users or All Users from the source you've edited here. |
 |
View a List of Password Policies
You might want to see a list of password policies defined in your system to obtain the id of a policy you want to edit.
Complete the following steps:
|
Make the following call:
GET //<org>/api/passwordPolicy/list
where <org> is the URL for the customer's IdentityNow org..
You should see results similar to the image on the right. |
 |
View a Password Policy
You might want to review a specific password policy. To do that you'll need to the policy's ID.
Complete the following steps:
|
Make the following call:
GET <org>/api/passwordPolicy/get/<pp_ID>
where <org> is the URL for the customer's IdentityNow org and <pp_ID> is the ID of the password policy you want to view.
You should see results similar to the image on the right. |
 |
Delete a Password Policy
To delete a password policy, you need to have the policy ID.
Complete the following steps:
|
Make the following call
GET <org>/api/passwordPolicy/delete/<pp_ID>
where <org> is the URL for the customer's IdentityNow org and <pp_ID> is the ID of the password policy you want to view.
You should see no response when this successful. |
Update a Password Policy
You might need to change the requirements of a password policy. To do this, you'll need the password policy ID.
Complete the following steps:
|
1. Make the following call:
POST <org>/api/passwordPolicy/set/<pp_ID>
where <org> is the URL for the customer's IdentityNow org and <pp_ID> is the ID of the password policy you want to view.
2. For any or all of the optional parameters described in Create a Password Policy, provide a new value. |
|
|
You should see results similar to the image on the right. The example on the right shows a change to the maxLength parameter. |
 |
