--- id: password-policies title: Password_Policies pagination_label: Password_Policies sidebar_label: Password_Policies sidebar_class_name: pythonsdk keywords: ['python', 'Python', 'sdk', 'Password_Policies', 'Password_Policies'] slug: /tools/sdk/python/v3/methods/password-policies tags: ['SDK', 'Software Development Kit', 'Password_Policies', 'Password_Policies'] --- # sailpoint.v3.PasswordPoliciesApi Use these APIs to implement password policies functionality. These APIs allow you to define the policy parameters for choosing passwords. IdentityNow comes with a default policy that you can modify to define the password requirements your users must meet to log in to IdentityNow, such as requiring a minimum password length, including special characters, and disallowing certain patterns. If you have licensed Password Management, you can create additional password policies beyond the default one to manage passwords for supported sources in your org. In the Identity Security Cloud Admin panel, administrators can use the Password Mgmt dropdown menu to select Sync Groups. Refer to [Managing Password Policies](https://documentation.sailpoint.com/saas/help/pwd/pwd_policies/pwd_policies.html) for more information about password policies. All URIs are relative to *https://sailpoint.api.identitynow.com/v3* Method | HTTP request | Description ------------- | ------------- | ------------- [**create-password-policy**](#create-password-policy) | **POST** `/password-policies` | Create Password Policy [**delete-password-policy**](#delete-password-policy) | **DELETE** `/password-policies/{id}` | Delete Password Policy by ID [**get-password-policy-by-id**](#get-password-policy-by-id) | **GET** `/password-policies/{id}` | Get Password Policy by ID [**list-password-policies**](#list-password-policies) | **GET** `/password-policies` | List Password Policies [**set-password-policy**](#set-password-policy) | **PUT** `/password-policies/{id}` | Update Password Policy by ID ## create-password-policy Create Password Policy This API creates the specified password policy. [API Spec](https://developer.sailpoint.com/docs/api/v3/create-password-policy) ### Parameters Param Type | Name | Data Type | Required | Description ------------- | ------------- | ------------- | ------------- | ------------- Body | password_policy_v3_dto | [**PasswordPolicyV3Dto**](../models/password-policy-v3-dto) | True | ### Return type [**PasswordPolicyV3Dto**](../models/password-policy-v3-dto) ### Responses Code | Description | Data Type | Response headers | ------------- | ------------- | ------------- |------------------| 200 | Reference to the password policy. | PasswordPolicyV3Dto | - | 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - | 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - | 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - | 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - | 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - | 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - | ### HTTP request headers - **Content-Type**: application/json - **Accept**: application/json ### Example ```python from sailpoint.v3.api.password_policies_api import PasswordPoliciesApi from sailpoint.v3.api_client import ApiClient from sailpoint.v3.models.password_policy_v3_dto import PasswordPolicyV3Dto from sailpoint.configuration import Configuration configuration = Configuration() with ApiClient(configuration) as api_client: password_policy_v3_dto = '''{ "validateAgainstAccountName" : true, "minLength" : 8, "description" : "Information about the Password Policy", "requireStrongAuthUntrustedGeographies" : true, "enablePasswdExpiration" : true, "minNumeric" : 8, "lastUpdated" : "2000-01-23T04:56:07.000+00:00", "validateAgainstAccountId" : false, "dateCreated" : "2000-01-23T04:56:07.000+00:00", "accountNameMinWordLength" : 6, "minUpper" : 8, "firstExpirationReminder" : 45, "modified" : "modified", "id" : "2c91808e7d976f3b017d9f5ceae440c8", "requireStrongAuthn" : true, "useDictionary" : false, "minSpecial" : 8, "sourceIds" : [ "2c91808382ffee0b01830de154f14034", "2f98808382ffee0b01830de154f12134" ], "passwordExpiration" : 8, "maxRepeatedChars" : 3, "minCharacterTypes" : 5, "minAlpha" : 5, "created" : "created", "useAccountAttributes" : false, "accountIdMinWordLength" : 4, "minLower" : 8, "useIdentityAttributes" : false, "defaultPolicy" : true, "requireStrongAuthOffNetwork" : true, "name" : "PasswordPolicy Example", "maxLength" : 25 }''' # PasswordPolicyV3Dto | try: # Create Password Policy new_password_policy_v3_dto = PasswordPolicyV3Dto.from_json(password_policy_v3_dto) results = PasswordPoliciesApi(api_client).create_password_policy(password_policy_v3_dto=new_password_policy_v3_dto) # Below is a request that includes all optional parameters # results = PasswordPoliciesApi(api_client).create_password_policy(new_password_policy_v3_dto) print("The response of PasswordPoliciesApi->create_password_policy:\n") print(results.model_dump_json(by_alias=True, indent=4)) except Exception as e: print("Exception when calling PasswordPoliciesApi->create_password_policy: %s\n" % e) ``` [[Back to top]](#) ## delete-password-policy Delete Password Policy by ID This API deletes the specified password policy. [API Spec](https://developer.sailpoint.com/docs/api/v3/delete-password-policy) ### Parameters Param Type | Name | Data Type | Required | Description ------------- | ------------- | ------------- | ------------- | ------------- Path | id | **str** | True | The ID of password policy to delete. ### Return type (empty response body) ### Responses Code | Description | Data Type | Response headers | ------------- | ------------- | ------------- |------------------| 204 | No content - indicates the request was successful but there is no content to be returned in the response. | | - | 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - | 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - | 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - | 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - | 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - | 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - | ### HTTP request headers - **Content-Type**: Not defined - **Accept**: application/json ### Example ```python from sailpoint.v3.api.password_policies_api import PasswordPoliciesApi from sailpoint.v3.api_client import ApiClient from sailpoint.configuration import Configuration configuration = Configuration() with ApiClient(configuration) as api_client: id = 'ff808081838d9e9d01838da6a03e0002' # str | The ID of password policy to delete. # str | The ID of password policy to delete. try: # Delete Password Policy by ID PasswordPoliciesApi(api_client).delete_password_policy(id=id) # Below is a request that includes all optional parameters # PasswordPoliciesApi(api_client).delete_password_policy(id) except Exception as e: print("Exception when calling PasswordPoliciesApi->delete_password_policy: %s\n" % e) ``` [[Back to top]](#) ## get-password-policy-by-id Get Password Policy by ID This API returns the password policy for the specified ID. [API Spec](https://developer.sailpoint.com/docs/api/v3/get-password-policy-by-id) ### Parameters Param Type | Name | Data Type | Required | Description ------------- | ------------- | ------------- | ------------- | ------------- Path | id | **str** | True | The ID of password policy to retrieve. ### Return type [**PasswordPolicyV3Dto**](../models/password-policy-v3-dto) ### Responses Code | Description | Data Type | Response headers | ------------- | ------------- | ------------- |------------------| 200 | Reference to the password policy. | PasswordPolicyV3Dto | - | 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - | 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - | 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - | 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - | 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - | 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - | ### HTTP request headers - **Content-Type**: Not defined - **Accept**: application/json ### Example ```python from sailpoint.v3.api.password_policies_api import PasswordPoliciesApi from sailpoint.v3.api_client import ApiClient from sailpoint.v3.models.password_policy_v3_dto import PasswordPolicyV3Dto from sailpoint.configuration import Configuration configuration = Configuration() with ApiClient(configuration) as api_client: id = 'ff808081838d9e9d01838da6a03e0005' # str | The ID of password policy to retrieve. # str | The ID of password policy to retrieve. try: # Get Password Policy by ID results = PasswordPoliciesApi(api_client).get_password_policy_by_id(id=id) # Below is a request that includes all optional parameters # results = PasswordPoliciesApi(api_client).get_password_policy_by_id(id) print("The response of PasswordPoliciesApi->get_password_policy_by_id:\n") print(results.model_dump_json(by_alias=True, indent=4)) except Exception as e: print("Exception when calling PasswordPoliciesApi->get_password_policy_by_id: %s\n" % e) ``` [[Back to top]](#) ## list-password-policies List Password Policies This gets list of all Password Policies. Requires role of ORG_ADMIN [API Spec](https://developer.sailpoint.com/docs/api/v3/list-password-policies) ### Parameters Param Type | Name | Data Type | Required | Description ------------- | ------------- | ------------- | ------------- | ------------- Query | limit | **int** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. Query | offset | **int** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. Query | count | **bool** | (optional) (default to False) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. ### Return type [**List[PasswordPolicyV3Dto]**](../models/password-policy-v3-dto) ### Responses Code | Description | Data Type | Response headers | ------------- | ------------- | ------------- |------------------| 200 | List of all Password Policies. | List[PasswordPolicyV3Dto] | - | 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - | 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - | 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - | 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - | 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - | ### HTTP request headers - **Content-Type**: Not defined - **Accept**: application/json ### Example ```python from sailpoint.v3.api.password_policies_api import PasswordPoliciesApi from sailpoint.v3.api_client import ApiClient from sailpoint.v3.models.password_policy_v3_dto import PasswordPolicyV3Dto from sailpoint.configuration import Configuration configuration = Configuration() with ApiClient(configuration) as api_client: limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) try: # List Password Policies results = PasswordPoliciesApi(api_client).list_password_policies() # Below is a request that includes all optional parameters # results = PasswordPoliciesApi(api_client).list_password_policies(limit, offset, count) print("The response of PasswordPoliciesApi->list_password_policies:\n") for item in results: print(item.model_dump_json(by_alias=True, indent=4)) except Exception as e: print("Exception when calling PasswordPoliciesApi->list_password_policies: %s\n" % e) ``` [[Back to top]](#) ## set-password-policy Update Password Policy by ID This API updates the specified password policy. [API Spec](https://developer.sailpoint.com/docs/api/v3/set-password-policy) ### Parameters Param Type | Name | Data Type | Required | Description ------------- | ------------- | ------------- | ------------- | ------------- Path | id | **str** | True | The ID of password policy to update. Body | password_policy_v3_dto | [**PasswordPolicyV3Dto**](../models/password-policy-v3-dto) | True | ### Return type [**PasswordPolicyV3Dto**](../models/password-policy-v3-dto) ### Responses Code | Description | Data Type | Response headers | ------------- | ------------- | ------------- |------------------| 200 | Reference to the password policy. | PasswordPolicyV3Dto | - | 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - | 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - | 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - | 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - | 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - | 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - | ### HTTP request headers - **Content-Type**: application/json - **Accept**: application/json ### Example ```python from sailpoint.v3.api.password_policies_api import PasswordPoliciesApi from sailpoint.v3.api_client import ApiClient from sailpoint.v3.models.password_policy_v3_dto import PasswordPolicyV3Dto from sailpoint.configuration import Configuration configuration = Configuration() with ApiClient(configuration) as api_client: id = 'ff808081838d9e9d01838da6a03e0007' # str | The ID of password policy to update. # str | The ID of password policy to update. password_policy_v3_dto = '''{ "validateAgainstAccountName" : true, "minLength" : 8, "description" : "Information about the Password Policy", "requireStrongAuthUntrustedGeographies" : true, "enablePasswdExpiration" : true, "minNumeric" : 8, "lastUpdated" : "2000-01-23T04:56:07.000+00:00", "validateAgainstAccountId" : false, "dateCreated" : "2000-01-23T04:56:07.000+00:00", "accountNameMinWordLength" : 6, "minUpper" : 8, "firstExpirationReminder" : 45, "modified" : "modified", "id" : "2c91808e7d976f3b017d9f5ceae440c8", "requireStrongAuthn" : true, "useDictionary" : false, "minSpecial" : 8, "sourceIds" : [ "2c91808382ffee0b01830de154f14034", "2f98808382ffee0b01830de154f12134" ], "passwordExpiration" : 8, "maxRepeatedChars" : 3, "minCharacterTypes" : 5, "minAlpha" : 5, "created" : "created", "useAccountAttributes" : false, "accountIdMinWordLength" : 4, "minLower" : 8, "useIdentityAttributes" : false, "defaultPolicy" : true, "requireStrongAuthOffNetwork" : true, "name" : "PasswordPolicy Example", "maxLength" : 25 }''' # PasswordPolicyV3Dto | try: # Update Password Policy by ID new_password_policy_v3_dto = PasswordPolicyV3Dto.from_json(password_policy_v3_dto) results = PasswordPoliciesApi(api_client).set_password_policy(id=id, password_policy_v3_dto=new_password_policy_v3_dto) # Below is a request that includes all optional parameters # results = PasswordPoliciesApi(api_client).set_password_policy(id, new_password_policy_v3_dto) print("The response of PasswordPoliciesApi->set_password_policy:\n") print(results.model_dump_json(by_alias=True, indent=4)) except Exception as e: print("Exception when calling PasswordPoliciesApi->set_password_policy: %s\n" % e) ``` [[Back to top]](#)