Managing the Password Policy
  • 19 Jul 2022
  • 1 Minute to read
  • Dark
    Light

Managing the Password Policy

  • Dark
    Light

You can change the password policy for users logging into your Sisense instance. This can be useful if your organization requires a more secure or specific password policy that meets certain requirements, such as a minimum number of characters, using certain types of characters, etc.

Using Sisense’s API, you can change the default password policy for users, and reset the policy back to the Sisense default (a password requiring a minimum of eight characters).

Password validation is performed when a password is changed. When the user tries to change an existing password, the new password is verified by the updated regex (regular expression).

The password regex does not affect passwords that were created before the change continue to be valid. Only passwords created after the password regex was introduced are affected.

To change the password policy using Sisense API:

  1. In Sisense, click the Admin tab and then click REST API in the left-hand menu.

  2. Click 0.9 in the upper-right corner.

  3. Expand the Settings section, and open POST /settings/security, then click Try It Out .

  4. In the Authorization field, enter your Sisense authorization key. The value of this field is the user’s API token, preceded by the keyword Bearer (with a space between it and the token). For information about how to retrieve this key, see Using the REST API .

  5. In the body of your call, in the passwordRegex field, replace the word “string” with your password policy regular expression (regex) definition.

    For example: "^(?=.\d)(?=.[a-z])(?=.[A-Z])(?=.[^a-zA-Z0-9])(?!.*\s).{8,20}$",” means that the password must include 8-20 characters, and must include 1 lowercase letter, 1 uppercase letter, 1 integer, and 1 special character. For more examples of password regex definitions, see here .

  6. In the passwordError field, replace the word “string” with your error message tooltip that will be received if a password does not comply with the password policy.

    For example: "Password must include 8-20 characters, which includes 1 lowercase letter, 1 uppercase letter, 1 integer, and 1 special character".

  7. Remove everything else from the list of permissions, including the other fields, the extra brackets and the extra commas:

    8-7pass-policy1thumb0300.png

  8. Click Execute .

To reset the Password Policy:

  • To reset the changes you made, enter a blank value for the password policy regex definition:

{
"passwordRegex": " "
}


Was this article helpful?