Open topic with navigation

Integration Settings: PasswordRules

The PasswordRules integration setting allows an admin to define a list of rules to create a strong password for integrations without changing the password strength for iWeb/eWeb users.

The PasswordRules integration setting applies to the integration types which have Password or ClientSecret as the Integration Settings in the Integration Profile. An admin can set limits to the usage of characters types and the character length for the Integration type password using this field.

Using PasswordRules Integration Setting

Note: By default, the Password field accepts only a “strong password” (Strong password Criteria: the character length must be in 8 to 50 character long, must have at least one uppercase letter, must have at least one lowercase letter, must have at least one numeric character, and must have at least one special character).

The staff users will get a password validation error after adding any random or weak password on the Password and ClientSecret integration settings form as shown in the below screenshot.

To add or change password policies for ignoring any of the strong password policies for an integration type:

  1. Login to iWeb with admin credentials.
  2. Go to the Admin module and expand the Integration group item.
  3. Click the Overview group item link.
  4. From the displayed Integrations Profile, click the collapse/expand icon on the Integrations child form.
  5. From the Integrations list, click the goto record icon on the integration type for which you want to set the password rule. This will display the Integration Profile.
  6. Expand the Integration Settings child form and then click the Edit icon on the PasswordRules field. This will display the Edit – Integration Setting form.

  7. Follow the Helper Text field to add or update the values to be ignored for password setting in the Value field. If adding two or more password policies in the Value field, separate them using semicolon (;).

    8. Password Policy Description
    IgnoreStrongPasswords Adding IgnoreStrongPasswords to the Value field will ignore all the validations for Strong Password (Any Non-Empty password is expected).
    IgnoreMinPasswordLength Adding IgnoreMinPasswordLength to the Value field will ignore that the password should have minimum length.
    IgnoreLowerCase Adding IgnoreLowerCase to the Value field will ignore that the password should contain Lower Case characters.
    IgnoreSpecialChar Adding IgnoreSpecialChar to the Value field will ignore that the password should contain Special Characters.
    IgnoreUpperCase Adding IgnoreUpperCase to the Value field will ignore that the password should contain Upper Case Characters.
    IgnoreNumericChar Adding IgnoreNumericChar to the Value field will ignore that the password should contain Numeric Characters.

  8. Enter the desired values in the Value field (values must be separated using semicolon) and then click Save.

    9. Example: IgnoreMinPasswordLength;IgnoreSpecialChar

    Once you update the PasswordRules integration setting, you no longer be required to add the ignored characters in the Password field for the Integration type.

    Considering the above example, you are required to add the uppercase, lowercase, and numeric characters for setting the integration password. If the staff user does not follow the set password rules, then the system will generate the below password validation error.

    Note: The Password validation error shown in the screenshot does not contain the password criteria statements for password length and special characters as it was set to be ignored in the PasswordRules integration setting.