Custom Set Password Page: How to Verify Password against Okta Password Settings

We have built our own custom pages for handling the user flow. In our Vue SPA app we are passing the users new password to Okta via API to under Users > Credential Operations > POST Set Password. Doing this will accept an value passed regardless if it meets the requirements set in Okta Password Settings. We are looking for an API to verify the password before submitting the change. Where or does an API exist to perform this task?

if you want to take into account the password policy when using the set password method, the strict parameter will need to be passed in the request.

@Fuzzard Thank you for the response. Passing the parameter does enforce the min and complexity requirements. However this does not enforce the password history setting under password age. Is this a known issue or a possible support question?

yes, the password history is not taken into account as this kind of password update is an administrative action and is not seen as the user actually made the change

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.