Skip to main content

Update Password Lockout Settings

Update the password lockout settings configured on the instance. It affects all organizations, that do not have a custom setting configured. The settings specify when a user should be locked (e.g how many password attempts). The user has to be unlocked by an administrator afterward.

Request Body required
  • maxPasswordAttempts int64

    Maximum password check attempts before the account gets locked. Attempts are reset as soon as the password is entered correctly or the password is reset.

Responses

A successful response.

Schema
  • details object
  • sequence uint64

    on read: the sequence of the last event reduced by the projection

    on manipulation: the timestamp of the event(s) added by the manipulation

  • creationDate date-time

    on read: the timestamp of the first event of the object

    on create: the timestamp of the event(s) added by the manipulation

  • changeDate date-time

    on read: the timestamp of the last event reduced by the projection

    on manipulation: the

  • resourceOwner resource_owner is the organization an object belongs to
PUT /policies/password/lockout

Authorization

type: oauth2flow: authorizationCodescopes: openid,urn:zitadel:iam:org:project:id:zitadel:aud

Request

Base URL
https://$ZITADEL_DOMAIN/admin/v1
Bearer Token
Content-Type
Body required
{

  "maxPasswordAttempts": "10"

}
Accept
curl -L -X PUT 'https://$ZITADEL_DOMAIN/admin/v1/policies/password/lockout' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "maxPasswordAttempts": "10"
}'