Creating password policy for group using java sdk

I am trying to automate the creation of applications, groups, policies, and rules using the Java SDK. Does the Java SDK support the creation of a password policy and rule and have it attached to a group?

Any response would be appreciated.

Thanks!

Hi @jeyadev

There is no current support for password policy, however you can call it using a raw request through https://github.com/okta/okta-sdk-java#call-other-api-endpoints

1 Like

Hi Dragos,

I gave a try to the above suggestion and encountered an error. Can you please take a look and advise?

ExtensibleResource resource = client.instantiate(ExtensibleResource.class);
ExtensibleResource protocolNode = client.instantiate(ExtensibleResource.class);
protocolNode.put(“type”, “OAUTH2”);
resource.put(“protocol”, protocolNode);
ExtensibleResource result = client.http()
.setBody(resource)
.post("/api/v1/idps", ExtensibleResource.class);

Error: Exception in thread “main” com.okta.sdk.resource.ResourceException: HTTP 400, Okta E0000001 (Api validation failed: type - type: The IDP has an invalid type.)

I also gave a try creating an application using the same class.

ExtensibleResource resource = client.instantiate(ExtensibleResource.class);
ExtensibleResource protocolNode = client.instantiate(ExtensibleResource.class);
resource.put(“name”, “oidc_client”);
resource.put(“label”, “Sample Basic app”);
resource.put(“signOnMode”, “OPENID_CONNECT”);
ExtensibleResource oauthNode = client.instantiate(ExtensibleResource.class);
oauthNode.put(“token_endpoint_auth_method”, “client_secret_post”);
ExtensibleResource credentialsNode = client.instantiate(ExtensibleResource.class);
credentialsNode.put(“oauthClient”, oauthNode);

    ExtensibleResource setting_oauth_node = client.instantiate(ExtensibleResource.class);

    setting_oauth_node.put("client_uri", "http://localhost:8080");
    Integer a = setting_oauth_node.getInteger("client_uri");
    setting_oauth_node.put("logo_uri", "http://developer.okta.com/assets/images/logo-new.png");
    List<String> redirect_uris = new ArrayList<String>();
    redirect_uris.add("https://example.com/oauth2/callback");
    redirect_uris.add("myapp://callback");
    setting_oauth_node.put("redirect_uris", redirect_uris);
    List<String> response_types = new ArrayList<String>();
    response_types.add("token");
    response_types.add("id_token");
    response_types.add("code");
    setting_oauth_node.put("response_types", response_types);
    List<String> grant_types = new ArrayList<>();
    grant_types.add("implicit");
    grant_types.add("authorization_code");
    setting_oauth_node.put("grant_types", grant_types);
    setting_oauth_node.put("application_type", "native");
    ExtensibleResource setting = client.instantiate(ExtensibleResource.class);
    setting.put("settings", setting_oauth_node);
    resource.put("name", "oidc_client");
    resource.put("label", "Sample admin app");
    resource.put("signOnMode", "OPENID_CONNECT");
    resource.put("credentials", credentialsNode);
    resource.put("settings", setting);

    ExtensibleResource result = client.http()
            .setBody(resource)
            .post("/api/v1/apps", ExtensibleResource.class);

Again getting an error.

HTTP 400, Okta E0000003 (The request body was not well-formed.

Request your insights. Thank you.

Hi @jeyadev

Here is a simple example to create the password policy

        Client client = Clients.builder()
                .setOrgUrl("https://org.okta.com")
                .setClientCredentials(new TokenClientCredentials("API_TOKEN_HERE"))
                .build();


        ExtensibleResource req = client.instantiate(ExtensibleResource.class);
        req.put("type", "PASSWORD");
        req.put("name", "Test Password Policy123");
        req.put("description", "The test policy applies to users with Okta managed passwords.");
        req.put("conditions", client.instantiate(ExtensibleResource.class).put("authProvider", client.instantiate(ExtensibleResource.class).put("provider", "OKTA")));
        
        ExtensibleResource result = client.http()
                .setBody(req)
                .post("/api/v1/policies", ExtensibleResource.class);

This is the equivalent of

curl --location --request POST 'https://org.okta.com/api/v1/policies' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'Authorization: SSWS API_TOKEN_HERE' \
--data-raw '{
    "type": "PASSWORD",
    "name": "Test Password Policy123",
    "description": "The test policy applies to users with Okta managed passwords.",
    "conditions": {
        "authProvider": {
            "provider": "OKTA"
        }
    }
}'
1 Like