hx42k (hx42k) asked a question.
Password Verification
We are implementing the Change Password process in our external application through the Change Password (https://developer.okta.com/docs/reference/api/users/*change-password) endpoint from the Users API.
The API works as expected, but I want to know if there is a way to verify the new user password against the Password Policies on the fly (when the user is entering the new password in the input of my application). Instead of making the API call and waiting for Okta's response.
- Does Okta have any component in JS to verify passwords against password policies?
- Is there an API that can be used to verify passwords against password policies?
Additional information:
- Our users do not have the security question set, therefore we can just use the API call (mentioned above) to change the password without taking the user out (to the Okta UI) of our application.
Hi, This isn't the correct forum category for your question as this one is specifically for Okta Workflows product. I'll try to answer based off the information I see available.
For question #1 I don't know the answer as I am not familiar with the SDK or how extensive it is. If the SDK has the ability to make queries (similar to my answer for #2 then maybe).
For question #2 you can query / retrieve your configured password policies from the policy endpoint. (/api/v1/policies?type=PASSWORD). With the data retrieved it would be possible to construct constraints for a pre-check prior to submitting the POST for the password change.