PasswordCredentialsPolicyType (Complex Type)

Namespace: http://midpoint.evolveum.com/xml/ns/public/common/common-3

Supertype: CredentialPolicyType

Structure that specifies policy for password management. It is in fact only a simple reference to a password policy.

This is a credential policy. Which means that it controls how credentials are set (stored). It does not control how credentials are used for authentication. That is controlled by the authentication module setting - and in fact this may even be out of our control completely, e.g. in case that external authentication is used (SSO).

Item Summary  
Name Type Multiplicity Description
name property
string
[0,1] Unique name of the credential. 
description property
string
[0,1] Free form description of the credential (administrator comment). 
documentation property
string
[0,1] Technical documentation for a particular object or construct. 
storageMethod container
CredentialsStorageMethodType
[0,1] Method used to store the values of this credential (encrypted, hashed, . 
resetMethod container
CredentialsResetMethodType
[0,1] Specifies the method of resetting the credential. 
propagationUserControl property
CredentialsPropagationUserControlType
[0,1] Constraints that define how propagation of the credentials can be controlled by the user. 
minOccurs property
string
[0,1] Minimal number of value occurrences. 
maxOccurs property
string
[0,1] Maximal number of value occurrences. 
maxAge property
duration
[0,1] Maximum age of the credential, counted from the last credential value update. 
minAge property
duration
[0,1] Minimum age of the credential, counted from the last credential value update. 
warningBeforeExpirationDuration property
duration
[0,1] The time interval before credential expiration (exceeded maxAge) that the user will be warned that the credential is about to expire. 
lockoutMaxFailedAttempts property
int
[0,1] Maximum number of failed authentication attempts that can be tried before the credential is locked-out. 
lockoutFailedAttemptsDuration property
duration
[0,1] The duration in which the failed attempts must happen for the credential to be locked-out. 
lockoutDuration property
duration
[0,1] The duration for which the credential remains locked-out. 
valuePolicyRef reference
ObjectReferenceType
[0,1] Reference to the value policy for the credential. 
historyLength property
int
[0,1] The number of entries to keep in the credential history. 
historyStorageMethod container
CredentialsStorageMethodType
[0,1] Method used to store historical values of the credential (encrypted, hashed, . 
passwordChangeSecurity property
PasswordChangeSecurityType
[0,1] Additional security applied when changing a password.