How password policy applies to user authentication?
We’d like to add password policy setting to our platform recently. After going through the OKTA API, i understand how password policy works with the user recovery operation (password change, password reset, user unlock). but i’m not sure how it work with user authentication.
Based on the Authentication API below, for user authentication, it doesn’t use password policy to validate the password, it only use LOCKOUT setting in password policy to decide whether to show lockout failures.