This article aims to explain how to exempt a user from password expiration.

• Password Policy

In some cases, some Okta user accounts do not need to have their password expire in order to change their password, for example, with a Service Account.

Please follow the below video or steps: 


 

1. Create a group, let us call it "Exempt from password expiration" and add the user account to be exempted into this group.
2. Go to Security > Authentication > Password > Add New Password Policy, and name it "Expiration Bypass".
3. Assign it to the group we created earlier, and uncheck Password expires after ... .
4. Click Create Policy, which will ask to create a rule.
5. Name and configure this rule as desired and click Create Rule.
6. Make sure this new policy is higher in priority than the one that enforces the password expiration rule for the rest of the users.

NOTE: In Okta Identity Engine (OIE), the settings for the Password Policies are located under Security > Authenticators > Setup > Password > Actions > Edit.