Password validation#
User password validation can be set to check the password strength, like the password must have at least one uppercase, or lowercase, number, and the length of the password. By default, the password attribute validation is not enabled.
Enable user password validation through Command Line Tool (CLI)#
-
Obtain the unique ID, that is inum for
userPassword
attribute.jans cli --operation-id get-attributes --endpoint-args pattern:userPassword
-
Obatin the PatchRequest schema
jans cli --schema PatchRequest > /tmp/patch.json
-
Update
/tmp/patch.json
with user password validation details- Enter a valid regex expression to check the strength of the password.
- Enter Minimum length, the minimum length of a value associated with this attribute.
- Enter Maximum length, the maximum length of a value associated with
this attribute.
Following is the example of having
userPassword
with minimum 8 characters, maximum 20 characters and should be alphanumeric with special characters.[{ "op": "add", "path": "/attributeValidation", "value": { "minLength": 5, "maxLength":15, "regexp": "^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#&()–[{}]:;',?/*~$^+=<>]).{8,20}$" } }]
-
Execute patch operation for
userPassword
attribute.jans cli --operation-id patch-attributes-by-inum \ --url-suffix="inum:AAEE" --data /tmp/patch.json
-
Create a new user using
post-user
operation. -
An error notification will be displayed if the password does not match the validation criteria.
Enable user password validation through Jans Text UI (TUI)#
-
When using Janssen Text-based UI(TUI) to configure
userPassword
attribute validation , navigate viaAuth Server
->Attributes
->search foruserPassword
attribute->open the attribute details->enableEnable Custom Validation
field-> Enter a value forRegular expression
,Minimum Length
&Maximum Length
fields->Save -
Create a new user using
Users
TUI menu. -
An error notification will be displayed if the password does not match the validation criteria.
Enable user password validation through Jans Config API#
-
Obtain the access token
curl -k -u "<put_client_id_here>:<put_config_api_client_secret_here>" https://<your.jans.server>/jans-auth/restv1/token \ -d "grant_type=client_credentials&scope=https://jans.io/oauth/config/attributes.write"
-
Obtain the unique ID, that is inum for
userPassword
attribute.curl -k -i -H "Accept: application/json" -H "Content-Type: application/json" \ -H "Authorization:Bearer <put_access_token_here>" -X GET https://<your.jans.server>/jans-config-api/api/v1/attributes?pattern=userPassword
-
Apply Patch for
userPassword
, use inum as path parameter - Enter a valid regex expression to check the strength of the password.
- Enter Minimum length, the minimum length of a value associated with this attribute.
-
Enter Maximum length, the maximum length of a value associated with this attribute. Following is the example of having
userPassword
with minimum 8 characters, maximum 20 characters, and should be alphanumeric with special characters.curl -k --location --request PATCH 'https://<your.jans.server>/jans-config-api/api/v1/attributes/<put_userPassword_inum_here>' \ --header 'Content-Type: application/json-patch+json' --header 'Authorization: Bearer <put_access_token_here>' \ --data-raw '[{ "op": "add", "path": "/attributeValidation", "value": { "minLength": 8, "maxLength":20, "regexp": "^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#&()–[{}]:;'\'',?/*~$^+=<>]).{8,20}$" } }]'
-
Create a new user using
/jans-config-api/mgt/configuser
endpoint. -
An error notification will be displayed if the password does not match the validation criteria.
Created: 2024-04-29