{
    "componentChunkName": "component---src-templates-docs-js",
    "path": "/admin/10-password",
    "result": {"data":{"site":{"siteMetadata":{"title":"OpenIAM Documentation v2026.6.2 | OpenIAM","docsLocation":""}},"mdx":{"fields":{"id":"23ed240f-f908-50fb-8d1b-adbfe11b87d2","title":"Password policy","slug":"/admin/10-password"},"body":"var _excluded = [\"components\"];\n\nfunction _extends() { _extends = Object.assign || function (target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i]; for (var key in source) { if (Object.prototype.hasOwnProperty.call(source, key)) { target[key] = source[key]; } } } return target; }; return _extends.apply(this, arguments); }\n\nfunction _objectWithoutProperties(source, excluded) { if (source == null) return {}; var target = _objectWithoutPropertiesLoose(source, excluded); var key, i; if (Object.getOwnPropertySymbols) { var sourceSymbolKeys = Object.getOwnPropertySymbols(source); for (i = 0; i < sourceSymbolKeys.length; i++) { key = sourceSymbolKeys[i]; if (excluded.indexOf(key) >= 0) continue; if (!Object.prototype.propertyIsEnumerable.call(source, key)) continue; target[key] = source[key]; } } return target; }\n\nfunction _objectWithoutPropertiesLoose(source, excluded) { if (source == null) return {}; var target = {}; var sourceKeys = Object.keys(source); var key, i; for (i = 0; i < sourceKeys.length; i++) { key = sourceKeys[i]; if (excluded.indexOf(key) >= 0) continue; target[key] = source[key]; } return target; }\n\n/* @jsxRuntime classic */\n\n/* @jsx mdx */\nvar _frontmatter = {\n  \"title\": \"Password policy\",\n  \"metaTitle\": \"Password policy configuration\",\n  \"metaDescription\": \"Describes how to configure the password policy\"\n};\nvar layoutProps = {\n  _frontmatter: _frontmatter\n};\nvar MDXLayout = \"wrapper\";\nreturn function MDXContent(_ref) {\n  var components = _ref.components,\n      props = _objectWithoutProperties(_ref, _excluded);\n\n  return mdx(MDXLayout, _extends({}, layoutProps, props, {\n    components: components,\n    mdxType: \"MDXLayout\"\n  }), mdx(\"p\", null, \"The password policy controls the following:\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Password composition.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Frequency of change.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"SelfService forgot password configuration.\")), mdx(\"p\", null, \"The sections below describe how to configure the password policy. To access the password policy configuration page, go to \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Policy\"), \" > \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Password Policy\"), \". If you are new to OpenIAM, start by configuring the existing \", mdx(\"em\", {\n    parentName: \"p\"\n  }, \"Default Password Policy\"), \" instead of creating a new one.\"), mdx(\"h2\", null, \"Password policy overview\"), mdx(\"p\", null, \"The general data of the password policy contains the following fields:\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Name.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Description.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Priority: A numeric value representing the priority of this policy. A higher number indicates a higher priority over policies with a lower number.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Active/Not Active flag: If the policy is not active, it won't be used during the policy resolving process.\")), mdx(\"p\", null, mdx(\"span\", {\n    parentName: \"p\",\n    \"className\": \"gatsby-resp-image-wrapper\",\n    \"style\": {\n      \"position\": \"relative\",\n      \"display\": \"block\",\n      \"marginLeft\": \"auto\",\n      \"marginRight\": \"auto\",\n      \"maxWidth\": \"1035px\"\n    }\n  }, \"\\n      \", mdx(\"a\", {\n    parentName: \"span\",\n    \"className\": \"gatsby-resp-image-link\",\n    \"href\": \"/docs-2026.6.2/static/c0ce791556aac474d4da98786ed6dc3f/3fb1d/pswd-policy-01-overview.png\",\n    \"style\": {\n      \"display\": \"block\"\n    },\n    \"target\": \"_blank\",\n    \"rel\": \"noopener\"\n  }, \"\\n    \", mdx(\"span\", {\n    parentName: \"a\",\n    \"className\": \"gatsby-resp-image-background-image\",\n    \"style\": {\n      \"paddingBottom\": \"19.305019305019304%\",\n      \"position\": \"relative\",\n      \"bottom\": \"0\",\n      \"left\": \"0\",\n      \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAECAYAAACOXx+WAAAACXBIWXMAABJ0AAASdAHeZh94AAAAWUlEQVQY063M3wpAMBhA8b3/06CRXcjfZaU1Sa68B+0rR3kEnPrdHpXoiqxo0KZDl+/kpifNa9y0oDrrsW6mHwPDWy7QWs+67Si4+DN1nCciQoxClA+iPJ8btREhG0h6KTwAAAAASUVORK5CYII=')\",\n      \"backgroundSize\": \"cover\",\n      \"display\": \"block\"\n    }\n  }), \"\\n  \", mdx(\"img\", {\n    parentName: \"a\",\n    \"className\": \"gatsby-resp-image-image\",\n    \"alt\": \"Overview\",\n    \"title\": \"Overview\",\n    \"src\": \"/docs-2026.6.2/static/c0ce791556aac474d4da98786ed6dc3f/e3189/pswd-policy-01-overview.png\",\n    \"srcSet\": [\"/docs-2026.6.2/static/c0ce791556aac474d4da98786ed6dc3f/a2ead/pswd-policy-01-overview.png 259w\", \"/docs-2026.6.2/static/c0ce791556aac474d4da98786ed6dc3f/6b9fd/pswd-policy-01-overview.png 518w\", \"/docs-2026.6.2/static/c0ce791556aac474d4da98786ed6dc3f/e3189/pswd-policy-01-overview.png 1035w\", \"/docs-2026.6.2/static/c0ce791556aac474d4da98786ed6dc3f/44d59/pswd-policy-01-overview.png 1553w\", \"/docs-2026.6.2/static/c0ce791556aac474d4da98786ed6dc3f/3fb1d/pswd-policy-01-overview.png 1709w\"],\n    \"sizes\": \"(max-width: 1035px) 100vw, 1035px\",\n    \"style\": {\n      \"width\": \"100%\",\n      \"height\": \"100%\",\n      \"margin\": \"0\",\n      \"verticalAlign\": \"middle\",\n      \"position\": \"absolute\",\n      \"top\": \"0\",\n      \"left\": \"0\"\n    },\n    \"loading\": \"lazy\",\n    \"decoding\": \"async\"\n  }), \"\\n  \"), \"\\n    \")), mdx(\"div\", {\n    style: {\n      \"border\": \"1px solid #169998\",\n      \"marginTop\": \"15px\",\n      \"marginBottom\": \"15px\",\n      \"paddingTop\": \"10px\",\n      \"paddingBottom\": \"10px\",\n      \"paddingLeft\": \"5px\",\n      \"paddingRight\": \"5px\"\n    }\n  }, mdx(\"span\", {\n    style: {\n      \"color\": \"#169998\",\n      \"fontWeight\": \"bold\"\n    }\n  }, \"Note:\"), \" Password policies created in OpenIAM will not supersede the password complexity requirements in a managed system. Passwords entered in OpenIAM must still be a valid for the Managed system. If OpenIAM has a policy that is less restrictive than the policy in the managed system, the password change will fail. The audit logs will show a failure for that managed system.\"), mdx(\"h2\", null, \"Password policy composition\"), mdx(\"p\", null, \"This section of the page allows configuring the details of the required password composition. A description of each field is provided in the table below.\"), mdx(\"table\", null, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Field\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Description\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Alpha Character (Min-Max) Amount\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Minimum and maximum number of alphabetic (letter) characters that must be included in a password.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Ideographic Characters (Chars) Are Not Allowed in the Password\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Determines whether it is possible to use CJKV (Chinese, Japanese, Korean, and Vietnamese) ideograph characters defined by the Unicode Standard.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"deprecated\"), \" Initial Password Type\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Random vs static password generation must be defined in OPENIAM managed system policy map -> password groovy script. Example of random groovy password you can find in Appendix below.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Limit the Repetition of the Same Character\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"For example, if this value is set to 3, then the password \", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"kk\"), \"fd44\", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"k\"), \"dds\", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"k\"), \" is not acceptable since it contains four \", mdx(\"inlineCode\", {\n    parentName: \"td\"\n  }, \"k\"), \" letters, but \", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"kk\"), \"fd44\", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"K\"), \"dds\", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"k\"), \" will be accepted since one \", mdx(\"inlineCode\", {\n    parentName: \"td\"\n  }, \"K\"), \" is uppercase.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Lowercase Characters (Min-Max) Amount\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Minimum and maximum number of lowercase (small) characters that must be included in a password.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Minimum Number of Words in the Phrase\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Specifies the least number of words a passphrase or password phrase must contain.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Non-alpha Numeric Symbols (Min-Max) Amount\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"The minimum and maximum number of non-alphanumeric symbols (punctuation marks, special symbols, and other characters) that must be included in a password.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Numeric Characters (Min-Max) Amount\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"The minimum and maximum number of numeric (digit) characters that must be included in a password.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Reject Password Equals Password\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"If this is checked, the policy forbids the password to be the word \\\"password\\\" (ex.: 123password00). It can also be done by adding the word to the password dictionary.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Password History Versions\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Feature implemented in systems to track and manage the historical passwords associated with a user account. It's a numerical value.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Password Length\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Determines the length of the password. \", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"Minimum\"), \" value here is \", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"1\"), \", and maximum value of characters is \", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"128\"), \".\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Reject Password Which Equals to LoginId\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"If this is checked, the policy forbids the password to be the same as \", mdx(\"em\", {\n    parentName: \"td\"\n  }, \"LoginId\"), \".\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Reject Password Which Equals to First or Last Name\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"If this is checked, the policy forbids the password to be the same as the first or last name of a user.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Characters Not Allowed in a Password\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Specifies certain characters that users are prohibited from including in their passwords.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Words Not Allowed in a Password\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"If the password is in the blacklist (aka \", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"password dictionary\"), \"), it will be rejected. the password dictionary file is a line-delimited list: \", mdx(\"ul\", null, mdx(\"inlineCode\", {\n    parentName: \"td\"\n  }, \"word1\"), mdx(\"br\", null), mdx(\"inlineCode\", {\n    parentName: \"td\"\n  }, \"word2\"), mdx(\"br\", null), mdx(\"inlineCode\", {\n    parentName: \"td\"\n  }, \"word3\"), mdx(\"br\", null), mdx(\"inlineCode\", {\n    parentName: \"td\"\n  }, \"word...\"), \",\"), \" To upload a password dictionary, check the box and go to the \", mdx(\"em\", {\n    parentName: \"td\"\n  }, \"Import/Export\"), \" section at the very end of the page. Add the file with the dictionary to the \", mdx(\"em\", {\n    parentName: \"td\"\n  }, \"Upload Password Dictionary\"), \" field by clicking \", mdx(\"em\", {\n    parentName: \"td\"\n  }, \"Browse\"), \".\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Repetition of the Same Word in the Phrase\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"If checked, prevents users from using identical or repeated words within the same passphrase.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Uppercase Characters (Min-Max) Amount\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Minimum and maximum number of uppercase (capital) characters that must be included in a password.\")))), mdx(\"p\", null, mdx(\"span\", {\n    parentName: \"p\",\n    \"className\": \"gatsby-resp-image-wrapper\",\n    \"style\": {\n      \"position\": \"relative\",\n      \"display\": \"block\",\n      \"marginLeft\": \"auto\",\n      \"marginRight\": \"auto\",\n      \"maxWidth\": \"1035px\"\n    }\n  }, \"\\n      \", mdx(\"a\", {\n    parentName: \"span\",\n    \"className\": \"gatsby-resp-image-link\",\n    \"href\": \"/docs-2026.6.2/static/90d8a86c5bc12c0cf8c6cecaac36a60d/2aa89/pswd-policy-02-pswd-composition.png\",\n    \"style\": {\n      \"display\": \"block\"\n    },\n    \"target\": \"_blank\",\n    \"rel\": \"noopener\"\n  }, \"\\n    \", mdx(\"span\", {\n    parentName: \"a\",\n    \"className\": \"gatsby-resp-image-background-image\",\n    \"style\": {\n      \"paddingBottom\": \"37.45173745173746%\",\n      \"position\": \"relative\",\n      \"bottom\": \"0\",\n      \"left\": \"0\",\n      \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAHCAYAAAAIy204AAAACXBIWXMAABJ0AAASdAHeZh94AAAA0ElEQVQoz42Q/WrDMAzE/f5PkzXpksLY0vSfPlAtf/vGKdikpbAZfsjId5Is87XecfpccZqvOF9umC43jPOGcdkwzldMy6Z8nFcM0w+G6Vv11L7DpFwBkP+c8qfCeO8hIhDnkHNGKQUxRsSUNKaUkHJG14nA+7BrlNQj/cZKgHMOIQTUWhU+HGETvlNHc5+3lE7zmofdhTTy50wehTsVbBxjeCrQ7vT2guKCfocw8dq5mfcJvUbmeFqRhu7QitO9cMrXzkfY0FrbV9MmO66F/AKh5hlcJfDlWwAAAABJRU5ErkJggg==')\",\n      \"backgroundSize\": \"cover\",\n      \"display\": \"block\"\n    }\n  }), \"\\n  \", mdx(\"img\", {\n    parentName: \"a\",\n    \"className\": \"gatsby-resp-image-image\",\n    \"alt\": \"Password Composition\",\n    \"title\": \"Password Composition\",\n    \"src\": \"/docs-2026.6.2/static/90d8a86c5bc12c0cf8c6cecaac36a60d/e3189/pswd-policy-02-pswd-composition.png\",\n    \"srcSet\": [\"/docs-2026.6.2/static/90d8a86c5bc12c0cf8c6cecaac36a60d/a2ead/pswd-policy-02-pswd-composition.png 259w\", \"/docs-2026.6.2/static/90d8a86c5bc12c0cf8c6cecaac36a60d/6b9fd/pswd-policy-02-pswd-composition.png 518w\", \"/docs-2026.6.2/static/90d8a86c5bc12c0cf8c6cecaac36a60d/e3189/pswd-policy-02-pswd-composition.png 1035w\", \"/docs-2026.6.2/static/90d8a86c5bc12c0cf8c6cecaac36a60d/44d59/pswd-policy-02-pswd-composition.png 1553w\", \"/docs-2026.6.2/static/90d8a86c5bc12c0cf8c6cecaac36a60d/2aa89/pswd-policy-02-pswd-composition.png 1698w\"],\n    \"sizes\": \"(max-width: 1035px) 100vw, 1035px\",\n    \"style\": {\n      \"width\": \"100%\",\n      \"height\": \"100%\",\n      \"margin\": \"0\",\n      \"verticalAlign\": \"middle\",\n      \"position\": \"absolute\",\n      \"top\": \"0\",\n      \"left\": \"0\"\n    },\n    \"loading\": \"lazy\",\n    \"decoding\": \"async\"\n  }), \"\\n  \"), \"\\n    \")), mdx(\"h2\", null, \"Forgot password parameter\"), mdx(\"p\", null, \"This section of the page allows configuring the details of the forgot password parameters and steps to restore it. The description of the fields is given in the table below.\"), mdx(\"table\", null, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Field\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Description\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Account lock time (in seconds) after max OTP resend attempts exceeds\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Specifies the duration (in seconds) for which a user account is temporarily locked if the number of allowed One-Time Password (OTP) resend attempts is exceeded.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Number of answers for user-defined questions that are required to be correct\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"OpenIAM provides 18 out-of-the-box security questions but also allows the creation of custom questions. To use this function via the web console, go to \", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"Administration\"), \" > \", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"Challenge Response Questions\"), \" > \", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"Create New Question\"), \". If you have custom questions, this policy defines the number of correct answers. This can also be done via the SelfService portal; the steps are described in the document by this \", mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"../end-user-guide-for-selfservice/2-selfservice/6-updatesecquestions\"\n  }, \"link\"), \".\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Number of user specified questions to display\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  })), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Max number of fail attempts to answer HelpDesk questions\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"See \", mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"14-Help.Desk.User.Profile.Protection\"\n  }, \"HelpDesk profile protection\"), \" document for more information.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"User failed question answers count\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Each time the user answers a question incorrectly, their failure count will increase. Upon surpassing the set number, the account will be locked.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Max OTP resend attempts allowed\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Defines the maximum number of times a user is permitted to resend a One-Time Password (OTP) during the password recovery process.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Minimal answer length\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Specifies the minimum number of characters required for answers to security (challenge) questions used.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Number of days the forgot password token is valid\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"If not set, the default value is 3. \", mdx(\"div\", {\n    style: {\n      \"border\": \"1px solid #169998\",\n      \"marginTop\": \"15px\",\n      \"marginBottom\": \"15px\",\n      \"paddingTop\": \"10px\",\n      \"paddingBottom\": \"10px\",\n      \"paddingLeft\": \"5px\",\n      \"paddingRight\": \"5px\"\n    }\n  }, mdx(\"span\", {\n    style: {\n      \"color\": \"#169998\",\n      \"fontWeight\": \"bold\"\n    }\n  }, \"Note:\"), \" The values can only be set for days, with a minimum value of 1.\"))), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"OTP lifetime (minutes)\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"The duration of time during which a One-Time Password (OTP) is valid for authentication. The default value is 30 minutes.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Number of answers that are required to be correct\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"The minimum number of correct answers needed for out-of-the-box security questions.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Number of questions to display\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"The total number of questions to be asked.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Question list source\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"The source of security questions is taken from.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Max number of HelpDesk questions to be asked to the end user\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"See \", mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"14-Help.Desk.User.Profile.Protection\"\n  }, \"HelpDesk profile protection\"), \" document for more information.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Should user choose reset password action?\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"If checked, the decision to reset the password is taken by the user.\")))), mdx(\"p\", null, \"To disable security questions so that they won't be displayed during the first login, parameters related to questions should be unchecked.\"), mdx(\"p\", null, mdx(\"span\", {\n    parentName: \"p\",\n    \"className\": \"gatsby-resp-image-wrapper\",\n    \"style\": {\n      \"position\": \"relative\",\n      \"display\": \"block\",\n      \"marginLeft\": \"auto\",\n      \"marginRight\": \"auto\",\n      \"maxWidth\": \"1035px\"\n    }\n  }, \"\\n      \", mdx(\"a\", {\n    parentName: \"span\",\n    \"className\": \"gatsby-resp-image-link\",\n    \"href\": \"/docs-2026.6.2/static/297f235b8c3dd228459b0c7e22708477/2fb2d/pswd-policy-03-forgot-pswd.png\",\n    \"style\": {\n      \"display\": \"block\"\n    },\n    \"target\": \"_blank\",\n    \"rel\": \"noopener\"\n  }, \"\\n    \", mdx(\"span\", {\n    parentName: \"a\",\n    \"className\": \"gatsby-resp-image-background-image\",\n    \"style\": {\n      \"paddingBottom\": \"30.501930501930502%\",\n      \"position\": \"relative\",\n      \"bottom\": \"0\",\n      \"left\": \"0\",\n      \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAGCAYAAADDl76dAAAACXBIWXMAABYlAAAWJQFJUiTwAAAAv0lEQVQY022QyQ7CMAxE+/8HCoilQpygLFc+DanEsbMMskOgBSxNbMXP4yjN/nDDanfFfHPCbH20vOwuP1psT9ZrNz3adW950Z2x7M6WS31B44jhvQczI6UIjZyzniMBxAHMhRMRYwpXo9TNQw2JDKpmdYFKa5EARwJ6cdUsxjiR3jXOeQPrNs0hTMGYEojYOOfce/iv4X3QVxBCCJPNKaWRshmK8HuwLA4TzgwHJ2D/+RttjA2rgfa+/6+ajPUEp9bCqUm4ofQAAAAASUVORK5CYII=')\",\n      \"backgroundSize\": \"cover\",\n      \"display\": \"block\"\n    }\n  }), \"\\n  \", mdx(\"img\", {\n    parentName: \"a\",\n    \"className\": \"gatsby-resp-image-image\",\n    \"alt\": \"Forgot Password\",\n    \"title\": \"Forgot Password\",\n    \"src\": \"/docs-2026.6.2/static/297f235b8c3dd228459b0c7e22708477/e3189/pswd-policy-03-forgot-pswd.png\",\n    \"srcSet\": [\"/docs-2026.6.2/static/297f235b8c3dd228459b0c7e22708477/a2ead/pswd-policy-03-forgot-pswd.png 259w\", \"/docs-2026.6.2/static/297f235b8c3dd228459b0c7e22708477/6b9fd/pswd-policy-03-forgot-pswd.png 518w\", \"/docs-2026.6.2/static/297f235b8c3dd228459b0c7e22708477/e3189/pswd-policy-03-forgot-pswd.png 1035w\", \"/docs-2026.6.2/static/297f235b8c3dd228459b0c7e22708477/44d59/pswd-policy-03-forgot-pswd.png 1553w\", \"/docs-2026.6.2/static/297f235b8c3dd228459b0c7e22708477/2fb2d/pswd-policy-03-forgot-pswd.png 1695w\"],\n    \"sizes\": \"(max-width: 1035px) 100vw, 1035px\",\n    \"style\": {\n      \"width\": \"100%\",\n      \"height\": \"100%\",\n      \"margin\": \"0\",\n      \"verticalAlign\": \"middle\",\n      \"position\": \"absolute\",\n      \"top\": \"0\",\n      \"left\": \"0\"\n    },\n    \"loading\": \"lazy\",\n    \"decoding\": \"async\"\n  }), \"\\n  \"), \"\\n    \")), mdx(\"h2\", null, \"Password change rule\"), mdx(\"p\", null, \"This section of the page allows configuring the details of changing the password. The description of the fields is given in a table below.\"), mdx(\"p\", null, mdx(\"span\", {\n    parentName: \"p\",\n    \"className\": \"gatsby-resp-image-wrapper\",\n    \"style\": {\n      \"position\": \"relative\",\n      \"display\": \"block\",\n      \"marginLeft\": \"auto\",\n      \"marginRight\": \"auto\",\n      \"maxWidth\": \"1035px\"\n    }\n  }, \"\\n      \", mdx(\"a\", {\n    parentName: \"span\",\n    \"className\": \"gatsby-resp-image-link\",\n    \"href\": \"/docs-2026.6.2/static/10894f37ba64cdd78b1c4e1262bf4fd3/bce1e/pswd-policy-04-pswd-change-rule.png\",\n    \"style\": {\n      \"display\": \"block\"\n    },\n    \"target\": \"_blank\",\n    \"rel\": \"noopener\"\n  }, \"\\n    \", mdx(\"span\", {\n    parentName: \"a\",\n    \"className\": \"gatsby-resp-image-background-image\",\n    \"style\": {\n      \"paddingBottom\": \"22.007722007722005%\",\n      \"position\": \"relative\",\n      \"bottom\": \"0\",\n      \"left\": \"0\",\n      \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAECAYAAACOXx+WAAAACXBIWXMAABJ0AAASdAHeZh94AAAAf0lEQVQY043M0QrCMAwF0P7/3wjTVR2IhfVhvyNrR5rkSrIK4sOwcGh7uUm4PRacY8JwTYhTduM0Y7zvYn+fLglDfPYsd/OPjMCiAMzxaYK/emEtG2qtICKIiGvMu9bAfjNe64ZSimci6rnN2N9Q7wZbZixUVfdZ/I0ag/m4Y97kty2YwmgTKQAAAABJRU5ErkJggg==')\",\n      \"backgroundSize\": \"cover\",\n      \"display\": \"block\"\n    }\n  }), \"\\n  \", mdx(\"img\", {\n    parentName: \"a\",\n    \"className\": \"gatsby-resp-image-image\",\n    \"alt\": \"Change Rule\",\n    \"title\": \"Change Rule\",\n    \"src\": \"/docs-2026.6.2/static/10894f37ba64cdd78b1c4e1262bf4fd3/e3189/pswd-policy-04-pswd-change-rule.png\",\n    \"srcSet\": [\"/docs-2026.6.2/static/10894f37ba64cdd78b1c4e1262bf4fd3/a2ead/pswd-policy-04-pswd-change-rule.png 259w\", \"/docs-2026.6.2/static/10894f37ba64cdd78b1c4e1262bf4fd3/6b9fd/pswd-policy-04-pswd-change-rule.png 518w\", \"/docs-2026.6.2/static/10894f37ba64cdd78b1c4e1262bf4fd3/e3189/pswd-policy-04-pswd-change-rule.png 1035w\", \"/docs-2026.6.2/static/10894f37ba64cdd78b1c4e1262bf4fd3/44d59/pswd-policy-04-pswd-change-rule.png 1553w\", \"/docs-2026.6.2/static/10894f37ba64cdd78b1c4e1262bf4fd3/bce1e/pswd-policy-04-pswd-change-rule.png 1696w\"],\n    \"sizes\": \"(max-width: 1035px) 100vw, 1035px\",\n    \"style\": {\n      \"width\": \"100%\",\n      \"height\": \"100%\",\n      \"margin\": \"0\",\n      \"verticalAlign\": \"middle\",\n      \"position\": \"absolute\",\n      \"top\": \"0\",\n      \"left\": \"0\"\n    },\n    \"loading\": \"lazy\",\n    \"decoding\": \"async\"\n  }), \"\\n  \"), \"\\n    \")), mdx(\"table\", null, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Field\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Description\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Change Password on the 1st Login?\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"If checked, then the user is required to change the initial password upon the first login.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Change password after reset\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"This requires the user to change his/her password after the administrator resets the password for the user.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Maximum retries for validate password\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Number of attempts to validate password.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Determines how many time you are allowed to change your password\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"A numerical value counting the time the user is allowed to change the password.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Password never expire\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Specifies whether a user\\u2019s password is exempt from expiration policies. When checked, the password remains valid indefinitely and is \", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"not subject to periodic expiration\"), \" based on system-defined password age or rotation settings.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Password expiration grace period\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"The number of days after the password has expired during which the user is permitted to continue to log in.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Days to password expiration warning\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"A numerical value meaning the number of days prior expiration, when the user is sent a warning.\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Password expiration days\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Number of days the password stays valid and active.\", mdx(\"div\", {\n    style: {\n      \"border\": \"1px solid #169998\",\n      \"marginTop\": \"15px\",\n      \"marginBottom\": \"15px\",\n      \"paddingTop\": \"10px\",\n      \"paddingBottom\": \"10px\",\n      \"paddingLeft\": \"5px\",\n      \"paddingRight\": \"5px\"\n    }\n  }, mdx(\"span\", {\n    style: {\n      \"color\": \"#169998\",\n      \"fontWeight\": \"bold\"\n    }\n  }, \"Note:\"), \" If your goal is to establish a password policy that ensures users' passwords never expire, this can be achieved by populating the field with larger numbers like 9999. Currently, there is no way to allow a password not to expire without setting the password expiration in the above-mentioned way.\"))), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"Reject reset by user\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": \"right\"\n  }, \"If checked, the password reset by the user will be rejected, i.e. the change password button in the current account window will be disabled, as shown in the screenshot below. Additionally, in case the policy is ON, the corresponding message will be displayed when accessing \", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"SelfService\"), \" > \", mdx(\"strong\", {\n    parentName: \"td\"\n  }, \"SelfService center\"), \" > Change password page.\", mdx(\"br\", null), mdx(\"span\", {\n    parentName: \"td\",\n    \"className\": \"gatsby-resp-image-wrapper\",\n    \"style\": {\n      \"position\": \"relative\",\n      \"display\": \"block\",\n      \"marginLeft\": \"auto\",\n      \"marginRight\": \"auto\",\n      \"maxWidth\": \"569px\"\n    }\n  }, \"\\n      \", mdx(\"a\", {\n    parentName: \"span\",\n    \"className\": \"gatsby-resp-image-link\",\n    \"href\": \"/docs-2026.6.2/static/eda95cea695d23b6d9bc60fd7482e6aa/854dc/10-password-06-change-pswd-button-disabled.png\",\n    \"style\": {\n      \"display\": \"block\"\n    },\n    \"target\": \"_blank\",\n    \"rel\": \"noopener\"\n  }, \"\\n    \", mdx(\"span\", {\n    parentName: \"a\",\n    \"className\": \"gatsby-resp-image-background-image\",\n    \"style\": {\n      \"paddingBottom\": \"44.4015444015444%\",\n      \"position\": \"relative\",\n      \"bottom\": \"0\",\n      \"left\": \"0\",\n      \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAJCAYAAAAywQxIAAAACXBIWXMAABYlAAAWJQFJUiTwAAABmElEQVQoz2WR6XLaQBCE9f5vFUMqTjmxY4lgMGCIbAmtVli3tDrgS82mwLjyo6t7r57eGafrOs4wxlh+TzMiFZMc3knTjDwvyLKcLC/QyYGqqj/dF+77HqUUzrWhYBwHgjDi7t7llztn8byxePSe8OZLfj7MSLOccRw/BbkYijhXaltjq1dVRV03FGVpuSwriqKkaRratqWua7sn+j/DYRguG/JIkswXK57XL5ZX6y2zxYrFZsfGD3hab3ne+ixf/lA0Df3xiBkH+nH8+LJUElPBOUXfdbZIJ8gy+sMBkyS0WmN0YvUFWtMXBUprnGuz6yY3dY05HunCEDOZYlyP/tFl9P6xYHA9Btelcz26b7fEyyWO9GPnv7HZ+gThntVmR7hXGEl6OtGt1hjf53A6EeUFe5l03VitysqynHWvr8R3P3AkjQxBmiwDkUHI2rQtAzBud/Suh8lymiiieAtolKKJFHUUUe/3tGnKOPtNfP+Ao1RMHH9Ax9qyNDjWmjgIiKdf0V9u0JMpyWSKvplafYGc3X5HhSF/Af/bpfJ06q10AAAAAElFTkSuQmCC')\",\n      \"backgroundSize\": \"cover\",\n      \"display\": \"block\"\n    }\n  }), \"\\n  \", mdx(\"img\", {\n    parentName: \"a\",\n    \"className\": \"gatsby-resp-image-image\",\n    \"alt\": \"Change password button disabled\",\n    \"title\": \"Change password button disabled\",\n    \"src\": \"/docs-2026.6.2/static/eda95cea695d23b6d9bc60fd7482e6aa/854dc/10-password-06-change-pswd-button-disabled.png\",\n    \"srcSet\": [\"/docs-2026.6.2/static/eda95cea695d23b6d9bc60fd7482e6aa/a2ead/10-password-06-change-pswd-button-disabled.png 259w\", \"/docs-2026.6.2/static/eda95cea695d23b6d9bc60fd7482e6aa/6b9fd/10-password-06-change-pswd-button-disabled.png 518w\", \"/docs-2026.6.2/static/eda95cea695d23b6d9bc60fd7482e6aa/854dc/10-password-06-change-pswd-button-disabled.png 569w\"],\n    \"sizes\": \"(max-width: 569px) 100vw, 569px\",\n    \"style\": {\n      \"width\": \"100%\",\n      \"height\": \"100%\",\n      \"margin\": \"0\",\n      \"verticalAlign\": \"middle\",\n      \"position\": \"absolute\",\n      \"top\": \"0\",\n      \"left\": \"0\"\n    },\n    \"loading\": \"lazy\",\n    \"decoding\": \"async\"\n  }), \"\\n  \"), \"\\n    \"))))), mdx(\"p\", null, \"There is also a possibility to limit password validation attempts. Here, after the limit is reached, the following error will be thrown:\"), mdx(\"pre\", null, mdx(\"code\", {\n    parentName: \"pre\"\n  }, \"Maximum limit for password validation for an identity reached.\\n\")), mdx(\"p\", null, mdx(\"span\", {\n    parentName: \"p\",\n    \"className\": \"gatsby-resp-image-wrapper\",\n    \"style\": {\n      \"position\": \"relative\",\n      \"display\": \"block\",\n      \"marginLeft\": \"auto\",\n      \"marginRight\": \"auto\",\n      \"maxWidth\": \"1035px\"\n    }\n  }, \"\\n      \", mdx(\"a\", {\n    parentName: \"span\",\n    \"className\": \"gatsby-resp-image-link\",\n    \"href\": \"/docs-2026.6.2/static/6cf3b5daf52df7c09c7c551394b3d766/bce1e/10-password-01-password-validation-limit.png\",\n    \"style\": {\n      \"display\": \"block\"\n    },\n    \"target\": \"_blank\",\n    \"rel\": \"noopener\"\n  }, \"\\n    \", mdx(\"span\", {\n    parentName: \"a\",\n    \"className\": \"gatsby-resp-image-background-image\",\n    \"style\": {\n      \"paddingBottom\": \"22.007722007722005%\",\n      \"position\": \"relative\",\n      \"bottom\": \"0\",\n      \"left\": \"0\",\n      \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAECAYAAACOXx+WAAAACXBIWXMAABYlAAAWJQFJUiTwAAAAn0lEQVQY033NXQrCQAxG0e5/MUptpSKFihvxxUdFq/PXmWSudBQRRAOHLySEVJtuT73cFs2q/1b3NO3Aot1Rrweabk+7+a26H46k8wmuF3AWrAVzB2Oe/TiCdQQFlQhk/lVlrzf8OBKNRbwvknNP1iHWkcKEcRN+3iVBNSOixBhJKb3NsypMAR8CSbX8nmnOhbxyFqOUo5xzoaqISMlPDzWDKs/M67tiAAAAAElFTkSuQmCC')\",\n      \"backgroundSize\": \"cover\",\n      \"display\": \"block\"\n    }\n  }), \"\\n  \", mdx(\"img\", {\n    parentName: \"a\",\n    \"className\": \"gatsby-resp-image-image\",\n    \"alt\": \"Password validation limit\",\n    \"title\": \"Password validation limit\",\n    \"src\": \"/docs-2026.6.2/static/6cf3b5daf52df7c09c7c551394b3d766/e3189/10-password-01-password-validation-limit.png\",\n    \"srcSet\": [\"/docs-2026.6.2/static/6cf3b5daf52df7c09c7c551394b3d766/a2ead/10-password-01-password-validation-limit.png 259w\", \"/docs-2026.6.2/static/6cf3b5daf52df7c09c7c551394b3d766/6b9fd/10-password-01-password-validation-limit.png 518w\", \"/docs-2026.6.2/static/6cf3b5daf52df7c09c7c551394b3d766/e3189/10-password-01-password-validation-limit.png 1035w\", \"/docs-2026.6.2/static/6cf3b5daf52df7c09c7c551394b3d766/44d59/10-password-01-password-validation-limit.png 1553w\", \"/docs-2026.6.2/static/6cf3b5daf52df7c09c7c551394b3d766/bce1e/10-password-01-password-validation-limit.png 1696w\"],\n    \"sizes\": \"(max-width: 1035px) 100vw, 1035px\",\n    \"style\": {\n      \"width\": \"100%\",\n      \"height\": \"100%\",\n      \"margin\": \"0\",\n      \"verticalAlign\": \"middle\",\n      \"position\": \"absolute\",\n      \"top\": \"0\",\n      \"left\": \"0\"\n    },\n    \"loading\": \"lazy\",\n    \"decoding\": \"async\"\n  }), \"\\n  \"), \"\\n    \")), mdx(\"p\", null, \"User will again be able to validate this password after 10 minutes.\"), mdx(\"div\", {\n    style: {\n      \"border\": \"1px solid #169998\",\n      \"marginTop\": \"15px\",\n      \"marginBottom\": \"15px\",\n      \"paddingTop\": \"10px\",\n      \"paddingBottom\": \"10px\",\n      \"paddingLeft\": \"5px\",\n      \"paddingRight\": \"5px\"\n    }\n  }, mdx(\"span\", {\n    style: {\n      \"color\": \"#169998\",\n      \"fontWeight\": \"bold\"\n    }\n  }, \"Note:\"), \" On the 1st login, the user might be directly taken to challenge questions after entering the password on login, instead of being asked to change their password. This event might happen even if \", mdx(\"span\", {\n    style: {\n      \"fontWeight\": \"bold\"\n    }\n  }, \"Change Password on the 1st Login?\"), \" field is checked. To tackle this issue, make sure to set the PENDING_INITIAL_LOGIN status in the synchronization script for new users.\"), mdx(\"h2\", null, \"Multiple password policies\"), mdx(\"p\", null, \"OpenIAM provides the capability to link multiple password policies to various objects such as roles, groups, organizations, managed systems and authentication policies.  When a user sets/resets a password, a password policy resolver is called.\\nThe password policy with the highest priority is then applied.\"), mdx(\"p\", null, \"Example:\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"There are several password policies in OpenIAM: The \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"Default Password Policy\"), \" with a priority of 10; \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"CustomPolicy1\"), \" with a priority of 14 (more restricted than the default password policy); _AD Password Policy_with a priority of 15.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"The following objects are in OpenIAM: The role \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"Manager\"), \" is linked to \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"CustomPolicy1\"), \"; the group \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"AD Users\"), \" is linked to \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"AD Password Policy\"), \"; the organization \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"Sales Department\"), \" is linked to \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"Default Password Policy\"), \".\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"The user John.Snow has a \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"Manager\"), \" role and is a member of the \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"Sales Department\"), \" organization.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"The user Sansa.Stark belongs to the \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"AD Users\"), \" group and is a member of the \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"Sales Department\"), \" organization.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"The user Arya.Stark has a \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"Manager\"), \" role and belongs to the \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"AD Users\"), \" group.\")), mdx(\"h2\", null, \"Appendix 1\"), mdx(\"p\", null, \"Groovy script to generate random password\"), mdx(\"pre\", null, mdx(\"code\", {\n    parentName: \"pre\"\n  }, \"package org.openiam\\n\\n\\nimport org.openiam.api.connector.groovy.AbstractIPolicyMapGroovy\\nimport org.openiam.api.connector.model.ConnectorAttribute\\nimport org.openiam.api.connector.model.StringOperationalConnectorValue\\nimport org.openiam.base.AttributeOperationEnum\\nimport org.openiam.base.response.list.PolicyListResponse\\nimport org.openiam.common.beans.mq.PolicyRabbitMQService\\nimport org.openiam.idm.provisioning.diff.model.user.ProvisionUserObjectDiff\\nimport org.openiam.idm.searchbeans.PolicySearchBean\\nimport org.openiam.idm.srvc.pswd.service.PasswordGenerator\\nimport org.springframework.beans.factory.annotation.Autowired\\n\\n/**\\n * Script generates random password using password policy\\n */\\nclass UserPassword extends AbstractIPolicyMapGroovy<ProvisionUserObjectDiff> {\\n\\n    private static final String DEFAULT_POLICY_ID = \\\"4000\\\"\\n\\n\\n    @Autowired\\n    private PolicyRabbitMQService policyRabbitMQService\\n\\n\\n    @Override\\n    boolean isPerform(ProvisionUserObjectDiff diffObject) {\\n        return AttributeOperationEnum.ADD.equals(diffObject.getStatus())\\n    }\\n\\n\\n    @Override\\n    void perform(ConnectorAttribute attribute, ProvisionUserObjectDiff diffObject) {\\n        PolicySearchBean psb = new PolicySearchBean()\\n        psb.addKey(DEFAULT_POLICY_ID)\\n        PolicyListResponse response = policyRabbitMQService.findBeans(psb, 0, 1)\\n        String password = PasswordGenerator.generatePassword(response.getList().get(0))\\n        attribute.addValue(new StringOperationalConnectorValue(password, diffObject.getStatus()))\\n    }\\n}\\n\")));\n}\n;\nMDXContent.isMDXComponent = true;","tableOfContents":{"items":[{"url":"#password-policy-overview","title":"Password policy overview"},{"url":"#password-policy-composition","title":"Password policy composition"},{"url":"#forgot-password-parameter","title":"Forgot password parameter"},{"url":"#password-change-rule","title":"Password change rule"},{"url":"#multiple-password-policies","title":"Multiple password policies"},{"url":"#appendix-1","title":"Appendix 1"}]},"parent":{"relativePath":"admin/10-password.md"},"frontmatter":{"metaTitle":"Password policy configuration","metaDescription":"Describes how to configure the password policy"}},"allMdx":{"edges":[{"node":{"fields":{"slug":"/admin","title":"Administration guide"}}},{"node":{"fields":{"slug":"/appendix","title":"Appendix"}}},{"node":{"fields":{"slug":"/connectorconfig","title":"IdM Connectors"}}},{"node":{"fields":{"slug":"/developerguide","title":"Developer Guide"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice","title":"End user guide for SelfService portal"}}},{"node":{"fields":{"slug":"/getting-started","title":"Getting Started"}}},{"node":{"fields":{"slug":"/","title":"Welcome to the OpenIAM Documentation"}}},{"node":{"fields":{"slug":"/installation","title":"Installing OpenIAM"}}},{"node":{"fields":{"slug":"/changelog","title":"Change log"}}},{"node":{"fields":{"slug":"/ssocatalog","title":"SSO Catalog"}}},{"node":{"fields":{"slug":"/whatsnew","title":"What's new in OpenIAM"}}},{"node":{"fields":{"slug":"/admin/0-login","title":"Logging in to the admin portal"}}},{"node":{"fields":{"slug":"/admin/1-exportimport","title":"Import / Export"}}},{"node":{"fields":{"slug":"/troubleshooting","title":"FAQ / Troubleshooting"}}},{"node":{"fields":{"slug":"/admin/1-usradmin","title":"User administration"}}},{"node":{"fields":{"slug":"/admin/10-password","title":"Password policy"}}},{"node":{"fields":{"slug":"/admin/10-consent-management","title":"Consent management"}}},{"node":{"fields":{"slug":"/admin/12-administration","title":"Administration"}}},{"node":{"fields":{"slug":"/admin/13-selfregistration","title":"Self-registration"}}},{"node":{"fields":{"slug":"/admin/15-audit","title":"Audit"}}},{"node":{"fields":{"slug":"/admin/14-Help.Desk.User.Profile.Protection","title":"HelpDesk profile protection"}}},{"node":{"fields":{"slug":"/admin/16-admin-pswd-change","title":"Password reset for administrator's account"}}},{"node":{"fields":{"slug":"/admin/18-services-passwd-change-k8","title":"Password update for OpenIAM services in Kubernetes"}}},{"node":{"fields":{"slug":"/admin/17-services-manual-passwd-change","title":"Manual password update for OpenIAM services in RPM"}}},{"node":{"fields":{"slug":"/admin/19-reports","title":"OpenIAM report services"}}},{"node":{"fields":{"slug":"/admin/20-virtual-tentant-by-org","title":"Enabling a virtual tenant by organization"}}},{"node":{"fields":{"slug":"/admin/21-graph-rebuild","title":"Rebuilding OpenIAM's in-memory authorization graph"}}},{"node":{"fields":{"slug":"/admin/22-token-session-util","title":"Session management utility for RPM"}}},{"node":{"fields":{"slug":"/admin/3-authz","title":"Managing access"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov","title":"Requests / Approval"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle","title":"Automated provisioning"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding","title":"Application onboarding"}}},{"node":{"fields":{"slug":"/admin/8-sso","title":"Federation / SSO to applications"}}},{"node":{"fields":{"slug":"/admin/2-authentication","title":"Authentication"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy","title":"Access gateway"}}},{"node":{"fields":{"slug":"/appendix/1-self-signedcert","title":"Generate Self-signed Cert"}}},{"node":{"fields":{"slug":"/appendix/2-openssl","title":"Install OpenSSL"}}},{"node":{"fields":{"slug":"/appendix/3-installopenldap","title":"Install OpenLDAP on Ubuntu"}}},{"node":{"fields":{"slug":"/appendix/4-prepforprod","title":"Prepare for Production"}}},{"node":{"fields":{"slug":"/changelog/11-Release-4.2.1.5","title":"Release 4.2.1.5"}}},{"node":{"fields":{"slug":"/changelog/12-Release-4.2.1.6","title":"Release 4.2.1.6"}}},{"node":{"fields":{"slug":"/changelog/14-Release-4.2.1.8","title":"Release 4.2.1.8"}}},{"node":{"fields":{"slug":"/changelog/15-Release-4.2.1.9","title":"Release 4.2.1.9"}}},{"node":{"fields":{"slug":"/changelog/16-Release-4.2.1.10","title":"Release 4.2.1.10"}}},{"node":{"fields":{"slug":"/changelog/17-Release-4.2.1.11","title":"Release 4.2.1.11"}}},{"node":{"fields":{"slug":"/admin/7-access-cert","title":"User access review"}}},{"node":{"fields":{"slug":"/changelog/13-Release-4.2.1.7","title":"Release 4.2.1.7"}}},{"node":{"fields":{"slug":"/changelog/19-Release-4.2.1.13","title":"Release 4.2.1.13"}}},{"node":{"fields":{"slug":"/changelog/20-Release-4.2.1.14","title":"Release 4.2.1.14"}}},{"node":{"fields":{"slug":"/changelog/22-v2026.1.1","title":"Changelog for v2026.1.1"}}},{"node":{"fields":{"slug":"/changelog/21-Release-4.2.1.15","title":"Release 4.2.1.15"}}},{"node":{"fields":{"slug":"/changelog/23-v2026.5.2","title":"Changelog for v2026.5.2"}}},{"node":{"fields":{"slug":"/connectorconfig/2-configparam","title":"Connector parameters"}}},{"node":{"fields":{"slug":"/changelog/18-Release-4.2.1.12","title":"Release 4.2.1.12"}}},{"node":{"fields":{"slug":"/connectorconfig/4-troubleshootingconnector","title":"Provisioning operations troubleshooting"}}},{"node":{"fields":{"slug":"/connectorconfig/SAPUME","title":"SAP UME connector"}}},{"node":{"fields":{"slug":"/connectorconfig/adp","title":"ADP connector"}}},{"node":{"fields":{"slug":"/connectorconfig/LDAP","title":"LDAP connector"}}},{"node":{"fields":{"slug":"/connectorconfig/JDBC","title":"JDBC connector"}}},{"node":{"fields":{"slug":"/connectorconfig/gsuite","title":"GSuite connector"}}},{"node":{"fields":{"slug":"/connectorconfig/freeIPA","title":"FreeIPA connector"}}},{"node":{"fields":{"slug":"/connectorconfig/aws","title":"AWS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/aerospike","title":"Aerospike connector"}}},{"node":{"fields":{"slug":"/connectorconfig/linux","title":"Linux connector"}}},{"node":{"fields":{"slug":"/connectorconfig/oracle","title":"Oracle RDBMS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/oracleebs","title":"Oracle EBS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/postgresql","title":"PostgreSQL connector"}}},{"node":{"fields":{"slug":"/connectorconfig/rexx","title":"Rexx connector"}}},{"node":{"fields":{"slug":"/connectorconfig/salesforce","title":"Salesforce.com connector"}}},{"node":{"fields":{"slug":"/connectorconfig/sap","title":"SAP S/4 Hana connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scim","title":"SCIM connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft","title":"Microsoft Application Connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector","title":"Groovy Script connector"}}},{"node":{"fields":{"slug":"/connectorconfig/tableau","title":"Tableau connector"}}},{"node":{"fields":{"slug":"/connectorconfig/workday","title":"Workday connector"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css","title":"Customizing branding"}}},{"node":{"fields":{"slug":"/developerguide/10-OpenIAM-opensource-rep","title":"OpenIAM open source repository"}}},{"node":{"fields":{"slug":"/developerguide/11-groovy-scripts","title":"Groovy Script Management"}}},{"node":{"fields":{"slug":"/developerguide/2-api","title":"RESTful API"}}},{"node":{"fields":{"slug":"/developerguide/3-whitelisting","title":"Whitelisting packages"}}},{"node":{"fields":{"slug":"/developerguide/4-scheduledtasks","title":"Batch/Scheduled tasks"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel","title":"Data model"}}},{"node":{"fields":{"slug":"/developerguide/6-ide","title":"Script development using an IDE"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization","title":"Synchronization Scripts"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/1-login","title":"Logging in to SelfService portal"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice","title":"Operations via SelfService portal"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/6-singlesignon","title":"Single sign-on"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest","title":"Request management"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess","title":"User access rights"}}},{"node":{"fields":{"slug":"/getting-started/1-what_is_openiam","title":"What is OpenIAM?"}}},{"node":{"fields":{"slug":"/getting-started/2-productarchitecture","title":"Platform architecture"}}},{"node":{"fields":{"slug":"/getting-started/21-concepts","title":"Concepts"}}},{"node":{"fields":{"slug":"/getting-started/3-install_openiam","title":"Installing OpenIAM"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce","title":"Discovery questions"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding","title":"Application onboarding"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning","title":"Automated user provisioning"}}},{"node":{"fields":{"slug":"/getting-started/7-selfservice-pswd","title":"SelfService password reset"}}},{"node":{"fields":{"slug":"/getting-started/5-connecting","title":"Connecting to an authoritative source"}}},{"node":{"fields":{"slug":"/getting-started/9-openiam-as-IdP","title":"Integrating OpenIAM as your IdP"}}},{"node":{"fields":{"slug":"/getting-started/99-multifactor-authentication","title":"Configuring multi-factor authentication"}}},{"node":{"fields":{"slug":"/getting-started/8-openiam-with-IdP","title":"Integrating OpenIAM with your IdP"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation","title":"Deploying via RPM on Linux"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation","title":"Deploying via Docker"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation","title":"Deploying to Kubernetes"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation","title":"Deploying on OpenShift"}}},{"node":{"fields":{"slug":"/installation/8-sizing","title":"Sizing recommendations"}}},{"node":{"fields":{"slug":"/installation/9-data_migration","title":"OpenIAM data migration"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous","title":"Miscellaneous related articles"}}},{"node":{"fields":{"slug":"/ssocatalog/AWS","title":"AWS SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Freshdesk","title":"Freshdesk SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Azure","title":"Azure SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Office365","title":"Office365 SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Gsuite","title":"GSuite SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Salesforce","title":"Salesforce.com"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster","title":"Cluster"}}},{"node":{"fields":{"slug":"/troubleshooting/connectors","title":"Connectors"}}},{"node":{"fields":{"slug":"/troubleshooting/docker","title":"Docker Swarm"}}},{"node":{"fields":{"slug":"/ssocatalog/okta","title":"Okta SSO"}}},{"node":{"fields":{"slug":"/troubleshooting/environment","title":"Environment"}}},{"node":{"fields":{"slug":"/troubleshooting/operational","title":"Operational"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm","title":"RPM"}}},{"node":{"fields":{"slug":"/troubleshooting/v3_update","title":"Update from V3.X to V4.X"}}},{"node":{"fields":{"slug":"/whatsnew/10-v4218","title":"New in v4.2.1.8"}}},{"node":{"fields":{"slug":"/whatsnew/1-v420","title":"New in v4.2.0.0"}}},{"node":{"fields":{"slug":"/whatsnew/11-v4219","title":"New in v4.2.1.9"}}},{"node":{"fields":{"slug":"/whatsnew/12-v42110","title":"New in v4.2.1.10"}}},{"node":{"fields":{"slug":"/whatsnew/13-v42111","title":"New in v4.2.1.11"}}},{"node":{"fields":{"slug":"/whatsnew/14-v42112","title":"New in v4.2.1.12"}}},{"node":{"fields":{"slug":"/whatsnew/15-v42113","title":"New in v4.2.1.13"}}},{"node":{"fields":{"slug":"/whatsnew/16-v42115","title":"New in v4.2.1.15"}}},{"node":{"fields":{"slug":"/whatsnew/16-v422","title":"New in v4.2.2"}}},{"node":{"fields":{"slug":"/whatsnew/17-v2026.1.1","title":"New in v2026.1.1"}}},{"node":{"fields":{"slug":"/whatsnew/20-v2026.3.3","title":"New in 2026.3.3"}}},{"node":{"fields":{"slug":"/whatsnew/18-v2026.3.1","title":"New in v2026.3.1"}}},{"node":{"fields":{"slug":"/whatsnew/22-v2026.5.2","title":"New in v2026.5.2"}}},{"node":{"fields":{"slug":"/whatsnew/21-v2026.4.2","title":"New in v2026.4.2"}}},{"node":{"fields":{"slug":"/whatsnew/23-v2026.6.1","title":"New in v2026.6.1"}}},{"node":{"fields":{"slug":"/whatsnew/7-v4215","title":"New in v4.2.1.5"}}},{"node":{"fields":{"slug":"/whatsnew/8-v4216","title":"New in v4.2.1.6"}}},{"node":{"fields":{"slug":"/whatsnew/9-v4217","title":"New in v4.2.1.7"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/1-createuser","title":"Creating a user"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/10-bulkoperations","title":"Bulk operations"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/11-bulkentitlements","title":"Bulk operations with entitlements"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/12-externaldelegation","title":"Organization level delegation"}}},{"node":{"fields":{"slug":"/whatsnew/20-v2026.4.1","title":"New in v2026.4.1"}}},{"node":{"fields":{"slug":"/whatsnew/18-v2026.2.1","title":"New in v2026.2.1"}}},{"node":{"fields":{"slug":"/whatsnew/19-v2026.3.2","title":"New in v2026.3.2"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/14-add-remove-entitlements","title":"Adding/Removing entitlements"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/15-rehireuserflow","title":"Rehire user flow"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/16-user-conversion","title":"User conversion"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/17-newhireworkflow","title":"New hire workflow configuration"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/18-creating-new-dept-division","title":"Creating a new department or division"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/2-usertypes","title":"Custom user types"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/3-adminoperations","title":"Administrative actions on a User"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration","title":"Configuring page templates"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/5-finduser","title":"User search"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/6-relatedAccount","title":"Related accounts"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/13-unlock-account","title":"Unlocking an account"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/7-customfields","title":"Custom fields"}}},{"node":{"fields":{"slug":"/admin/10-password/1-pswd-compromised","title":"Password breach detection"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/8-serviceaccounts","title":"Service accounts"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/9-orphanmanagement","title":"Orphan management"}}},{"node":{"fields":{"slug":"/admin/12-administration/3-squence-generator","title":"Sequence generators"}}},{"node":{"fields":{"slug":"/admin/12-administration/4-otpconfig","title":"Configure OTP Provider"}}},{"node":{"fields":{"slug":"/admin/12-administration/5-links","title":"External links on login page"}}},{"node":{"fields":{"slug":"/admin/12-administration/7-reconciliationhistory","title":"Reconciliation history"}}},{"node":{"fields":{"slug":"/admin/12-administration/8-aboutopenIAM-page","title":"About OpenIAM Page"}}},{"node":{"fields":{"slug":"/admin/12-administration/6-languages","title":"Managing languages"}}},{"node":{"fields":{"slug":"/admin/12-administration/9-reindex_elasticsearch","title":"Reindex Opensearch"}}},{"node":{"fields":{"slug":"/admin/15-audit/1-audit-events-interpret","title":"Audit events interpretation"}}},{"node":{"fields":{"slug":"/admin/12-administration/99-heartbeat","title":"Heartbeat links"}}},{"node":{"fields":{"slug":"/admin/15-audit/2-audit-log-export-connector","title":"Audit log export connector"}}},{"node":{"fields":{"slug":"/admin/2-authentication/10-fidologin","title":"FIDO-2 authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/1-auth-overview","title":"Configuring authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/11-credentialprovider","title":"Credential provider"}}},{"node":{"fields":{"slug":"/admin/2-authentication/12-certificateauth","title":"Configuring certificate-based authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/13-criiptoauth","title":"Criipto authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/12-account-unlock","title":"Setting up account unlock"}}},{"node":{"fields":{"slug":"/admin/2-authentication/14-duo-auth","title":"Duo authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/15-modernauth","title":"Microsoft Modern authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/2-auth-policy","title":"Authentication policy"}}},{"node":{"fields":{"slug":"/admin/2-authentication/16-external-multiselect-auth","title":"External/multiselect authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/7-otp","title":"OTP over SMS or E-mail"}}},{"node":{"fields":{"slug":"/admin/2-authentication/3-passwordauth","title":"Password-based authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social","title":"Social authentication"}}},{"node":{"fields":{"slug":"/admin/3-authz/10-accessright","title":"Access rights"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig","title":"System configuration"}}},{"node":{"fields":{"slug":"/admin/2-authentication/9-adaptiveauth","title":"Adaptive authentication"}}},{"node":{"fields":{"slug":"/admin/3-authz/1-overview","title":"Introduction to access control"}}},{"node":{"fields":{"slug":"/admin/3-authz/11-contentprovider","title":"Content provider"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus","title":"Menus"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles","title":"Managing roles"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-conflict-groups","title":"Conflict Groups"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-groups","title":"Managing groups"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management","title":"Mail management"}}},{"node":{"fields":{"slug":"/admin/3-authz/4-types","title":"Metadata types"}}},{"node":{"fields":{"slug":"/admin/3-authz/5-resources","title":"Managing resources"}}},{"node":{"fields":{"slug":"/admin/3-authz/6-organization","title":"Managing organizations"}}},{"node":{"fields":{"slug":"/admin/3-authz/8-accesstossoapps","title":"Access to SSO applications"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/1-Automated-applications","title":"Connected applications"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/2-Manual-applications","title":"Manual applications"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/1-synch","title":"Configuring synchronization"}}},{"node":{"fields":{"slug":"/admin/2-authentication/21-dashboards","title":"Monitoring dashboards"}}},{"node":{"fields":{"slug":"/admin/2-authentication/2-delegatedauth","title":"Managed System authentication"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/10-managedsystemsimulation","title":"Managed system simulation mode"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/11-provisioning-config","title":"Configure Provisioning"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/12-LDAP-managedsys-config","title":"LDAP Managed system configuration"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/2-incrementalsynch","title":"Incremental synchronization"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/3-recon","title":"Configure reconciliation"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/6-managedsystem-config","title":"Managed system configuration"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/5-recon-groovy","title":"Groovy Scripts for Reconciliation"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/9-importorganization","title":"Import Organizations"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/8-importentitlements","title":"Import entitlements"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/1-application-category","title":"Application categories"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/2-approval-flow","title":"Approval flow"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/4-post-request","title":"After request has been approved"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/3-manualTasks","title":"Manual tasks"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/5-approve-by-email","title":"Approving requests via Email"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/4-birthright","title":"Birthright access"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/10-mitigation-controls","title":"Mitigation controls for SoD"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/11-campaign-dashboard","title":"Campaign dashboard"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/12-campaign-preview","title":"Campaign preview"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-risk-event-driven-cert","title":"Risk event driven certification"}}},{"node":{"fields":{"slug":"/admin/3-authz/9-approvalflow","title":"Configuring approval workflows"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/1-entitlmentcert","title":"Entitlement based certification"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-usercert","title":"User based review"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/7-questionnaire","title":"Questionnaire"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-risk-factor-config","title":"Risk factors configuration"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/3-certification-reporting","title":"Certification reporting"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/4-bulk-approval","title":"Allow bulk approval"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/4-membership-tags","title":"Membership tags"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/5-delete-campaign","title":"Deleting an access certification campaign"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/6-campaign-database","title":"Access certification campaigns as database objects"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/7-expiration-policy","title":"Expiration policy"}}},{"node":{"fields":{"slug":"/admin/8-sso/1-saml","title":"Add SAML SP to OpenIAM"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/8-multiple-reviwer-campaigns","title":"Multi-reviewer user access review campaigns"}}},{"node":{"fields":{"slug":"/admin/8-sso/3-oidc","title":"OpenID Connect"}}},{"node":{"fields":{"slug":"/admin/8-sso/5-auth_scopes","title":"OpenIAM oAuth scopes"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/1-formfill","title":"Form Fill"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/3-urlrewriting","title":"URL Rewriting"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/6-example","title":"Examples"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/thesaurus","title":"Access Certification Thesaurus"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/2-headerinj","title":"Header Injection"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/7-rProxy-loadbalancer","title":"Reverse Proxy with Load Balancer"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/9-segregation-of-duties","title":"Segregation of Duties (SoD) policies"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/9-directive-reference","title":"mod_openiam Directive Reference"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/1-powershellconnectorinstallation","title":"Installing PowerShell connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal","title":"WinLocal OpenIAM connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/12-dynamics365FO","title":"Dynamics365 Finance&Operations connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/13-successfactors","title":"SuccessFactors connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/12-WindowsPasswordFilter","title":"AD Password Filter"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/14-psgraph","title":"Microsoft Graph PowerShell connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/15-powershell-generic","title":"Building a custom PowerShell connector for OpenIAM"}}},{"node":{"fields":{"slug":"/admin/8-sso/2-oauth2","title":"oAuth 2.0"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/16-teams","title":"Microsoft Teams connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/2-powershellconnectorsusage","title":"Using PowerShell connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/3-powershellconnectorupdate","title":"Updating PowerShell connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/5-azuread","title":"Entra ID/O365 connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/6-exchange","title":"Exchange connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/7-azuredevops","title":"Azure DevOps connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector/GroovyScriptConnector","title":"Configuring Groovy Script connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector/connector-request-template","title":"OpenIAM connector request template"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css/1-customcss","title":"Creating custom CSS"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css/2-cssexamples","title":"CSS file examples"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman","title":"Getting started with Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python","title":"Getting started with Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java","title":"Getting started with Java"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/9-sqlserver","title":"Microsoft SQL Server connector"}}},{"node":{"fields":{"slug":"/developerguide/4-sheduledtasks/1-provision-on-date","title":"Provision/Deprovision on date"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/8-dynamics365","title":"Dynamics365 connector"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel/1-usermodel","title":"User data model"}}},{"node":{"fields":{"slug":"/developerguide/8-api/access-certification","title":"/webconsole - access-certification"}}},{"node":{"fields":{"slug":"/developerguide/8-api/access-right","title":"/webconsole - access-right"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/8-kerberos","title":"Setting up Kerberos via rProxy"}}},{"node":{"fields":{"slug":"/developerguide/8-api/audit-log","title":"/webconsole - audit-log"}}},{"node":{"fields":{"slug":"/developerguide/8-api/auth-provider","title":"/webconsole - auth-provider"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel/2-rbacmodel","title":"Access control model"}}},{"node":{"fields":{"slug":"/developerguide/8-api/authentication-grouping","title":"/webconsole - authentication-grouping"}}},{"node":{"fields":{"slug":"/developerguide/8-api/batch","title":"/webconsole - batch"}}},{"node":{"fields":{"slug":"/developerguide/8-api/challenge-response","title":"/webconsole - challenge-response"}}},{"node":{"fields":{"slug":"/developerguide/8-api/connector","title":"/webconsole - connector"}}},{"node":{"fields":{"slug":"/developerguide/8-api/content-provider","title":"/webconsole - content-provider"}}},{"node":{"fields":{"slug":"/developerguide/8-api/email","title":"/webconsole - email"}}},{"node":{"fields":{"slug":"/developerguide/8-api/field","title":"/webconsole - field"}}},{"node":{"fields":{"slug":"/developerguide/8-api/groovy-manager","title":"/webconsole - groovy-manager"}}},{"node":{"fields":{"slug":"/developerguide/8-api/group","title":"/webconsole - group"}}},{"node":{"fields":{"slug":"/developerguide/8-api/approver-association","title":"/webconsole - approver-association"}}},{"node":{"fields":{"slug":"/developerguide/8-api/idp-oauth","title":"/idp - idp-oauth"}}},{"node":{"fields":{"slug":"/developerguide/8-api/idp-rest","title":"/idp - idp-rest"}}},{"node":{"fields":{"slug":"/developerguide/8-api/it-policy","title":"/webconsole - it-policy"}}},{"node":{"fields":{"slug":"/developerguide/8-api/managed-system","title":"/webconsole - managed-system"}}},{"node":{"fields":{"slug":"/developerguide/8-api/menu","title":"/webconsole - menu"}}},{"node":{"fields":{"slug":"/developerguide/8-api/metadata","title":"/webconsole - metadata"}}},{"node":{"fields":{"slug":"/developerguide/8-api/oauth","title":"/webconsole - oauth"}}},{"node":{"fields":{"slug":"/developerguide/8-api/organization-type","title":"/webconsole - organization-type"}}},{"node":{"fields":{"slug":"/developerguide/8-api/elastic-search","title":"/webconsole - elastic-search"}}},{"node":{"fields":{"slug":"/developerguide/8-api/organization","title":"/webconsole - organization"}}},{"node":{"fields":{"slug":"/developerguide/8-api/page-template","title":"/webconsole - page-template"}}},{"node":{"fields":{"slug":"/developerguide/8-api/policy","title":"/webconsole - policy"}}},{"node":{"fields":{"slug":"/developerguide/8-api/report","title":"/webconsole - report"}}},{"node":{"fields":{"slug":"/developerguide/8-api/resource-type","title":"/webconsole - resource-type"}}},{"node":{"fields":{"slug":"/developerguide/8-api/role","title":"/webconsole - role"}}},{"node":{"fields":{"slug":"/developerguide/8-api/sync-config","title":"/webconsole - sync-config"}}},{"node":{"fields":{"slug":"/developerguide/8-api/sync-rest","title":"/webconsole - sync-rest"}}},{"node":{"fields":{"slug":"/developerguide/8-api/resource","title":"/webconsole - resource"}}},{"node":{"fields":{"slug":"/developerguide/8-api/system","title":"/webconsole - system"}}},{"node":{"fields":{"slug":"/developerguide/8-api/uri-pattern","title":"/webconsole - uri-pattern"}}},{"node":{"fields":{"slug":"/developerguide/8-api/user","title":"/webconsole - user"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/1-autoprov","title":"Automated provisioning Scripts"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import","title":"Import from application"}}},{"node":{"fields":{"slug":"/developerguide/8-api/property-value","title":"/webconsole - property-value"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/4-relations-with-manager","title":"Populating a manager"}}},{"node":{"fields":{"slug":"/developerguide/4-sheduledtasks/2-access-certification-reminder","title":"Notification reminders for approvers"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/1-forgotpassword","title":"Forgot password"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/2-updateprofile","title":"Updating user profile"}}},{"node":{"fields":{"slug":"/developerguide/8-api/ui-theme","title":"/webconsole - ui-theme"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/3-changepassword","title":"Updating your password"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/4-outofoffice","title":"Out of office assistant"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/5-forgotusername","title":"Forgot username"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/1-servicecatalog","title":"Requesting access via catalog"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/11-accessprofiles","title":"Access profiles"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/12-bulkupload","title":"Uploading users in bulk"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/13-workflowsoverview","title":"Workflows Overview"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/6-updatesecquestions","title":"Updating security questions"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/3-importing_groups","title":"Importing groups from application"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/10-positionchange","title":"Position change request"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/5-approverequest","title":"Approving requests"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/7-requesthistory","title":"Requests history"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/8-newgroup","title":"Creating a group request"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/6-requestadministration","title":"Request administration"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/9-newuser","title":"Creating a new user"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/1-viewmyaccess","title":"View my access"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/3-UAR-in-Self-Service","title":"User access review module in SelfService"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/2-directreports","title":"View direct reports"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/1-designrole","title":"Designing business roles"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/2-jobprofile","title":"Requesting access from profile"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/3-connector-planning","title":"Connector requirements"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements","title":"Importing entitlements"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements","title":"Importing users and their entitlement memberships"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial","title":"Automated provisioning tutorial"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/1-jml","title":"Joiners, movers, leavers processes"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/10-ha-rpm","title":"High availability (HA) deployment using RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode","title":"Single VM Install"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/11-configuration-options","title":"Configuration options in RPM"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect","title":"Deploying and registering connectors"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/2-rproxy","title":"r-Proxy installation in RPM"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/2-openiam-access-role","title":"Designing access roles"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/4-backup","title":"RPM backup / recovery"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/12-migrating-onpremises-to-cloud","title":"Migrating OpenIAM from on-premises installation to a cloud-based infrastructure"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports","title":"Deployment architecture in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-migrating-non-production-to-production-environment","title":"Migrating non-production to production environment in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB","title":"Installing OpenIAM with a remote database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading","title":"Upgrading OpenIAM in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/8-ssl","title":"Configuring HTTPS in RPM"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/2-Configuration-options","title":"Configuration options in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading","title":"Upgrading OpenIAM in Docker environment"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/4-YAML-files","title":"Docker YAML files"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/6-externalDB","title":"Installing OpenIAM with a remote database in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/5-docker-swarm-backup","title":"Backup / restore in Docker Swarm"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/10-backup-and-restoration","title":"Backup and restoration procedure in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/1-ssl","title":"Configuring HTTPS in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/1-https","title":"Configuring HTTPS on Docker"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/12-vault-migration-fromRPM-toK8","title":"Migration of Vault from RPM-based cluster to Kubernetes-based OpenIAM cluster"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/11-common-scenario","title":"Installing OpenIAM in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/9-rabbitssl","title":"Enable TLS for RabbitMQ in RPM"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/13-image-migration-guide","title":"Image migration script"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/2-deployment-with-terraform","title":"Deploying OpenIAM with Terraform"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/3-depl-without-terraform","title":"Deploying OpenIAM on Kubernetes using Helm"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/4-RabbitMQ-TLS","title":"RabbitMQ TLS directory in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading","title":"Upgrading OpenIAM in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms","title":"Kubernetes Platforms"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/8-AKS_with_ext_MSSQL","title":"Deploying OpenIAM on AKS (Kubernetes) with an external MSSQL database"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/9-remoteDB","title":"Installing OpenIAM with a remote database in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/2-connect-to-cluster","title":"Connect to OpenShift cluster on Azure"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/4-some-descriptions-helm","title":"Memory requirements for OpenShift deployment with Helm"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/5-localhost-dev-cluster","title":"Localhost development cluster"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/6-deploy-from-windows","title":"Deploy OpenIAM to OpenShift cluster with Helm (from Windows)"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/3-deploy-OpenIAM-helm","title":"Deploy OpenIAM to OpenShift cluster with Helm"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/7-useal-keys-restoration","title":"Backing up and restoring the vault unseal keys in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/9-data_migration/1-migrating_ES_Docker","title":"Verifying and migrating Elasticsearch data in Docker-based OpenIAM cluster"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/01-log4j","title":"Log4j Vulnerability"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/02-hardening","title":"Securing your installation"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/03-db-switch","title":"Change OpenIAM product database"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/04-compatibility","title":"Compatibility matrix"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/1-create-cluster","title":"Creating an OpenShift cluster on Azure"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/05-postgres-install","title":"Installing PostgreSQL 15"}}},{"node":{"fields":{"slug":"/installation/99-miscellaneous/04-compatibility","title":"Compatibility Matrix"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/2-rabbitmq-UI","title":"RabbitMQ is not reached from UI in RPM installations"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/1-rabbitmq-reinit","title":"RabbitMQ cluster went out of order"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/3-Rabbitmq-connection-timeout","title":"RabbitMQ  connection timeout issue"}}},{"node":{"fields":{"slug":"/installation/8-sizing/1-small-k8","title":"Small Enterprise - K8"}}},{"node":{"fields":{"slug":"/installation/8-sizing/2-medium-k8","title":"Medium Enterprise - K8"}}},{"node":{"fields":{"slug":"/troubleshooting/connectors/sync-vs-async-source","title":"Synchronous vs. asynchronous synchronization source for connectors"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/1-connectorlogs","title":"View container logs"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/2-containersrestart","title":"Containers Restarting"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/3-uninstall","title":"Remove an OpenIAM Docker Install"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/4-troubleshooting-steps","title":"Troubleshooting steps in a container-based cluster"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/5-log-checking-guide","title":"Docker log checking guide"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/disableswap","title":"Disable swap"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/memoryutili","title":"Check memory utilization"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/redismemory","title":"Redis memory utilization"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/JDBC-connection-pool","title":"Increasing the JDBC connection pool size"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/activationlink","title":"Error when sending activation link"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/access-forbidden","title":"Access Forbidden error"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/audit-doc-timestamp","title":"Audit document timestamp issue"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/auth-manager","title":"Backend exception error when running authentication manager"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/database-reset","title":"Database reset"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/elasticsearch-readonly-state","title":"Elasticsearch read-only state"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/increasing-RAM","title":"Increasing memory for OpenIAM services"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/debug-logs-CassandraJanusGraph","title":"Enabling and disabling debug logs for Cassandra and JanusGraph"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/access-after-migration","title":"Access problem after migrating OpenIAM"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/pad-block-corrupted","title":"PAD Block Corrupted"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/modifly_system_labels_and_messages","title":"Changing system labels and messages"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/remove-navigation-bar","title":"Removing menu items from top navigation bar"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/lackof_disk_space","title":"Running out of disk space"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/report-generation-issue","title":"Error during report generating in RPM installations"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/resetting_passwords","title":"Resetting passwords"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/run_flyway_repair_mode","title":"Run Flyway in repair mode"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/username_in_selfservice","title":"Username not shown in SelfService"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/unlocksysadmin","title":"Unlock sysadmin"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm/failed-dependencies","title":"Failed dependencies"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/flyway_version","title":"Flyway version issue"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/my-application-page-selfservice","title":"Changing refresh time for My Applications page in SelfService"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm/trobleshooting_guide","title":"Troubleshooting guide for RPM"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/1-userpage","title":"Configuring user page templates"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/2-customuserpage","title":"Creating more custom user edit pages"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/4-customtemplates","title":"Custom form templates"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/1-system","title":"System tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/2-regex-validation","title":"Validation regular expressions"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/3-UI","title":"UI tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/4-workflow","title":"Workflow tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/6-password","title":"Password tab"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/overriding-app-properties","title":"Overriding UI application properties"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/7-authentication","title":"Authentication tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/5-organization-tab","title":"Organization tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/1-emailtemplates","title":"Email templates"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/2-smtpconfig","title":"Mailbox Configuration"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/3-multilanguagemail","title":"Multilanguage emails"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/9-health-checks","title":"Configuring health checks for managed systems"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/4-mail-via-azure","title":"Mailbox configuration via Azure application"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/8-auditeventstosyslog","title":"Exporting audit events to syslogs"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/4-appleidsociallogin","title":"AppleID Social Login"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/3-linkedinsociallogin","title":"LinkedIn Social Login"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/1-enduseraccess","title":"End-user access roles"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/2-adminaccess","title":"Admin access role"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/3-FAQ","title":"FAQs about menus and their use"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/4-Config-Lhand-menu-SS-MyInfo","title":"Configurable left-hand menu in SelfService 'My Info' page"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-groups/1-create-group","title":"Creating a group"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/5-alert-notifications","title":"Configuring alert notifications"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/6-email-template-variables","title":"Email template variables reference"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/2-Manual-applications/1-reg-applications","title":"Register applications"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/1-googlesociallogin","title":"Google Social Login"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/2-facebooksociallogin","title":"Facebook Social Login"}}},{"node":{"fields":{"slug":"/admin/8-sso/1-saml/1-jit-provisioning","title":"Just-in-time Provisioning"}}},{"node":{"fields":{"slug":"/admin/8-sso/2-oauth2/1-Auth-code-grand","title":"Authorization code grant type"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/1-role-types","title":"Types of roles existing in OpenIAM"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/2-createrole","title":"Create role"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/3-findrole","title":"Finding an existing role"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/5-importingroles","title":"Importing roles"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal/1-winlocalv4","title":"Version 4"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/1-createauthprovider","title":"Create OpenIAM Provider for Postman"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal/2-winlocalv5","title":"Version 5"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/2-postmanconfig","title":"Create Postman collection"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/11-provisioning-config/1-prepost-processor","title":"Pre/PostProcessor"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/3-add-request","title":"Define an API request in Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/6-example","title":"Client credentials flow with a defined scope in Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/5-postman-links","title":"Postman API documentation links"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/1-createauthprovider","title":"Create OpenIAM oAuth provider in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/2-grantinguathz","title":"Granting authorization to the API with Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/3-api-call-examples","title":"API calls examples in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/4-enabling-disabling-user","title":"Enabling/Disabling a user with API calls examples in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/5-object-oriented-impl-example","title":"Object oriented implementation for REST API in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/6-OTP-verification","title":"OTP Verification in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/4-calls-examples","title":"API calls examples in Java"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/5-enabling-disabling-users","title":"Enabling/Disabling a user with API calls examples in Java"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/4-JWT-tokens","title":"Getting started with JWT tokens in Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/2-grantauthz","title":"Granting authorization to the API with Java"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/1-autoprov/1-newhires","title":"New hires"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/3-azuread","title":"Entra ID"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/6-importroles","title":"Import Roles"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/2-rpm","title":"Connectors via RPM"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/1-createauthprovider","title":"Create OpenIAM Provider"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/3-docker","title":" Connectors via Docker"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/4-k8","title":" Connectors via Kubernetes"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts","title":"Transformation scripts"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/3-creating-searching-users","title":"Creating and searching a user with API call in Java"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/1-configuring-synch","title":"Configuring synchronization for importing entitlements"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts","title":"Transformation scripts"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/3-common-questions","title":"Common questions"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/1-provisioningCSV","title":"Creating a synchronization configuration for the source"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/2-policymap","title":"Policy map"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/3-creatingrole","title":"Creating role"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/5-transfer","title":"Transfer"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/6-termination","title":"Terminations"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/1-rpm-with-internet","title":"Installation with Internet access"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/2-rpm-no-internet","title":"Installation without Internet access"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/3-nonroot-partition","title":"Installing OpenIAM on a non-root partition"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/1-config-synch","title":"Configuring synchronization for importing users and their entitlement memberships"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports/1-one-node","title":"Single node deployment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports/2-three-node","title":"Three node cluster"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/3-troubleshooting","title":"Troubleshooting"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/10-upgrading-2026-4-2","title":"Upgrading OpenIAM to v.2026.4.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/2-upgradingto-42110","title":"Upgrading from version 4.2.1.5-4.2-4.2.1.8 to version 4.2.1.10 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/3-upgradingto-42111","title":"Upgrading from versions 4.2.1.9-4.2.1.10 to version 4.2.1.11 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/4-migrating-index-data","title":"Migration of index data from older ElasticSearch versions to newer one"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/4-birthright","title":"New hire"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/5-upgradingto-42115","title":"Upgrading from versions 4.2.1.x to version 4.2.1.15 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/6-infra-upgrade-42113","title":"Infrastructure upgrade in v4.2.1.13"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/5-infrastructure_upgrade","title":"Infrastructure upgrade"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/7-upgradingto-422","title":"Upgrading OpenIAM from versions 4.2.1.x to 2026.6.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrade2026.5.2","title":"Upgrading notes for v.2026.5.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrade2026.6.1","title":"Upgrading notes for v.2026.6.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/1-databasemigration","title":"Database migration from version 3.X to 4.X"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-2-1","title":"Upgrading OpenIAM to v.2026.2.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-3-1","title":"Upgrading OpenIAM to v.2026.3.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-3-2","title":"Upgrading OpenIAM to v.2026.3.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/4-upgradingto-42112","title":"Upgrading from versions 4.2.1.x to version 4.2.1.12 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/2-postgres","title":"Installing OpenIAM with a remote Postgres database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/3-MSSQL","title":"Installing OpenIAM with a remote MSSQL database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/1-oracle","title":"Installing OpenIAM with a remote Oracle database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/1-upgrade-4219","title":"Upgrade from version 4.2.1.5-4.2.1.8 to version 4.2.1.10 in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/2-upgrade-42110","title":"Upgrade from version 4.2.1.9 to version 4.2.1.10 in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/3-upgrade-42111","title":"Upgrade from version 4.2.1.10 to version 4.2.1.11 in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/4-upgrade-42115","title":"Upgrade from version 4.2.1.x to version 4.2.1.15 in Docker"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/4-upgrade-42115k8","title":"Upgrading from versions 4.2.1.x to version 4.2.1.15 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/5-upgrade-42112k8","title":"Upgrading from version 4.2.1.x to version 4.2.1.12 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/6-upgrade-422k8","title":"Upgrading from version 4.2.1.x to version 4.2.2 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/3-upgrade-42113k8-rabbitmq","title":"Upgrading from version below 4.2.1.8 to version 4.2.1.13 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/7-upg-notes20206.5.2","title":"Upgrading notes for v.2026.5.2 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/9-422-changes","title":"Known issues related to upgrading from 4.2.1.x to 2026.4.1 version"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/1-gce","title":"GCE Kubernetes guide"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/2-aws","title":"AWS Kubernetes guide"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/3-helm","title":"Private Kubernetes Cluster using Helm"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/4-azure","title":"Azure Kubernetes Guide"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/1-ldapvalidation","title":"Synchronization Validation Script"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/3-ldapattributeslists","title":"LDAP Attribute list for User Synchronization"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts/1-ADgroup-transformation","title":"Sample transformation script for AD groups"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/2-ldapsynchusers","title":"LDAP User Synchronization Script"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts/3-ADtransformation-usergroup","title":"Sample transformation script for AD users and group memberships"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts/4-csv-users-entitlements","title":"Sample transformation script for a CSV file"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/8-upg-notes2026.6.1","title":"Upgrading notes for v.2026.6.1 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts/2-csv-transformation","title":"Sample transformation script for a CSV file"}}},{"node":{"fields":{"slug":"/changelog/21-Release-4.2.2","title":"Release 4.2.2"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/4-adpowershell","title":"Active Directory PowerShell connector"}}},{"node":{"fields":{"slug":"/appendix/5-message_en_file","title":"Message properties"}}}]}},"pageContext":{"id":"23ed240f-f908-50fb-8d1b-adbfe11b87d2"}},
    "staticQueryHashes": ["2619113677","3706406642","417421954"]}