<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z00009RMetrCADOkta Classic EngineAdministrationAnswered2025-10-11T09:01:02.000Z2023-07-10T07:10:23.000Z2023-07-13T10:12:32.000Z

lnllt (lnllt) asked a question.

July 10, 2023 at 7:10 AM
How can I find my application's password requirements?

In https://help.okta.com/en-us/Content/Topics/Security/policies/about-password-policies.htm, it says:

 

An error can occur during provisioning when a user's Okta password meets the password policies requirements while the password policy itself doesn't. Ensure that the Okta password policy meets the application's requirements, typically, eight characters or more, with an upper and lower case character and either a symbol or number.

 

This seems strange. Why does Okta allow a password policy that doesn't meet the application's requirements?

How can I find my application's password requirements?

I'm using an OIDC app by the way.

  • 5 answers
  • 450 views

  • flz9z (flz9z)

    Hi David Klempfner,

    Okta allows password policies that does not meet application requirements, as different applications can have different password strength requirements, and it is up-to the application to enforce its own password policy. Okta's password policy is a basic outline that helps with making the password's strong and secure.

    • lnllt (lnllt)

      How can I find my OIDC app's password requirements? Where are these set?

  • Mihai N. (Okta, Inc.)

    Hi @lnllt (lnllt)​ , Thank you for reaching out to the Okta Community!

     

    To clarify, Okta does not manage downstream application password policies/requirements. That will have to be done on the service provider side.  

    Depending on the use case, you could create Okta Password Policies to mirror those in the downstream apps where the Password sync feature might be used in order to prevent errors like the one you mentioned. 

     

    As far as I know, OIDC apps do no come with Provisioning capabilities so I don't understand why you are getting that error.  There's clearly some missing context here.  

    Please open a case to work with one of our Support Engineers to get to the bottom of things, as this is medium is not ideal for in-depth troubleshooting.

     

    I'll be following up on your other questions just to reference this post. 

    Expand Post

    • lnllt (lnllt)

      Hi Mihai. I think you misread my question. I never said I was getting an error. I was just talking about the error the linked article mentioned.

  • a0n5s (a0n5s)

    @lnllt (lnllt)​ I think you are misunderstand. there are no OIDC application password. password policy is apply to group or user, not to application. Maybe the user's password is satisfy with old policy. then the admin change the policy and password require more complex, then its it not satisfy. so the user login will get error message.

This question is closed.
Loading
How can I find my application's password requirements?