Password inline hook for extra restriction


I would like to add some extra restriction on the password than just the password policy when a user sets a new password. For example I would like to check if the password the user is setting has been previously used in a password DB breach.

To do so I’ve been checking on the password inline hook documentation. According to the documentation: “The Password Import Inline Hook is triggered when the end user tries to sign in to Okta for the first time” Does this hook gets triggered too when the user changes his password? If not, how can I get the users password when he changes it in order to do the necessary processing?

Thank you

This hook is only for initial setting up passwords for imported users, it’s not for additional checks. I’m afraid that you can’t implement your customization with Okta. Password policy would be the only way, unless you want to create your own front-end for password changes.