You need to sign in to do that
Don't have an account?
Amol Dixit
Salesforce API's for "Salesforce Password policies"
Hi,
I want to get User level Salesforce Password policies fields such as
1) User password Expire in
2) Minimum password length. etc.
To enforce it on my custom password, whether it is following it or not? (In custom page with APEX and VF)
What objects are used for this, I have searched it, but couldn't found. Is there any API provided for this?
Thank you.
Warm Regards,
Amol Dixit.
Hi..
Hope this will help :
http://www.miiworks.com/support/faqs/82-salesforce-password-policies
http://www.infallibletechie.com/2012/12/password-policies-are-user-security.html
Please accept my answer as a solution if my solution was helpful. This will make it available to others as a proper answer. If you felt that I went above and beyond please give me Kudos by clicking on on the star icon.
Thanks,
Cool Sfdc
Hi,
Thanks for your reply.
I know this functionality from UI.
But want to know the API's provided in salesforce (APEX). Because I have custom VF page and want to get it for custom password validation. What all standard objects are involved?
Thanks.
Warm Regads,
Amol Dixit
There's no "API" for determining the session timeout or password policies. You could attempt to use "screen scraping", but this only works assuming the user has at least View Setup and Configuration on their profile. This method would be hard to implement and easy to break in a release. You're probably better off simply submitting the password to change to and let the platform tell you if the change was successful or not-- you'll get an error message if the password is unacceptable (e.g. because it was recently used, does not meet complexity, etc).
1. Decide and implement the appropriate OAuth flow for you application to get the access token.
2. A get request to <Instance_URL>/services/data/v44.0/tooling/query?q=select+id+from+SecuritySettings. This will return you settings URL.
3. Send another GET request to the settings URL with the same access token to get the required data.
You will need to send the access token in the Authorization Header (Bearer <access_token>) in both the GET requests.
Hope this helps. Let me know if you need more info.