GetPasswordPolicy - CloudSSO - Alibaba Cloud Documentation Center

Queries the password policy of CloudSSO users.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Debug

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

Parameter	Type	Required	Description	Example
DirectoryId	string	Yes	The ID of the directory.	d-00fc2p61****

Response parameters

Parameter	Type	Description	Example
	object	The returned result.
RequestId	string	The request ID.	B7C6E839-FB65-59BE-B753-003AA8AF7DF7
PasswordPolicy	object	The password policy.
MinPasswordLength	integer	The minimum password length. Valid values: 8 to 32 characters.	8
MinPasswordDifferentChars	integer	The minimum number of different characters in a password. The minimum value is 0, which indicates that the minimum number of different characters in a password is not limited. The maximum value is the value of the `MinPasswordLength` parameter.	8
PasswordNotContainUsername	boolean	Indicates whether to exclude the username from the password. Valid values: true: A password cannot contain the username. false: A password can contain the username.	true
MaxPasswordAge	integer	The validity period of a password. Valid values: 1 to 120. Unit: days.	90
PasswordReusePrevention	integer	The policy for password history check. The previous N passwords cannot be reused. Valid values of N: 0 to 24. The value 0 indicates that all historical passwords can be reused. Note Passwords that are generated before January 5, 2024 are not counted as historical passwords.	1
MaxLoginAttempts	integer	The number of password retries. If wrong passwords are entered for the specified consecutive times, the account is locked for 1 hour. Valid values: 0 to 32. The value 0 indicates that the number of password retries is not limited.	5
RequireNumbers	boolean	Indicates whether digits are required in a password. Valid values: true: Digits are required in a password. false: Digits are not required in a password.	true
RequireLowerCaseChars	boolean	Indicates whether lowercase letters are required in a password. Valid values: true: Lowercase letters are required in a password. false: Lowercase letters are not required in a password.	true
MaxPasswordLength	integer	The maximum password length.	32
RequireUpperCaseChars	boolean	Indicates whether uppercase letters are required in a password. Valid values: true: Uppercase letters are required in a password. false: Uppercase letters are not required in a password.	true
RequireSymbols	boolean	Indicates whether special characters are required in a password. Valid values: true: Special characters are required in a password. false: Special characters are not required in a password.	true
HardExpire	boolean	Indicates whether to disable logon after a password expires. Valid values: true: disables logon after a password expires. false: does not disable logon after a password expires.	true

Examples

Sample success responses

JSONformat

{
  "RequestId": "B7C6E839-FB65-59BE-B753-003AA8AF7DF7",
  "PasswordPolicy": {
    "MinPasswordLength": 8,
    "MinPasswordDifferentChars": 8,
    "PasswordNotContainUsername": true,
    "MaxPasswordAge": 90,
    "PasswordReusePrevention": 1,
    "MaxLoginAttempts": 5,
    "RequireNumbers": true,
    "RequireLowerCaseChars": true,
    "MaxPasswordLength": 32,
    "RequireUpperCaseChars": true,
    "RequireSymbols": true,
    "HardExpire": true
  }
}

Error codes

For a list of error codes, visit the Service error codes.