OneSpan Sign Admin: Password Policy – Part 2
A strong password policy is the front line of cyber defense protecting your transactions and private information.
In this blog, we will pick up where we left off in “OneSpan Sign Admin: Password Policy — Part 1”, introduce the rest of the account password policies, and conclude with a workflow to reset a sender’s password through the API. Let’s get started.
Password Policy for OneSpan Sign
Rule 4: Specify the Password Complexity
Password complexity includes:
• Minimum character length
• Minimum requirements chosen from the password strength rules
Once specified, the password strength rule will be applied to the password reset page and the new user registration page.
The password complexity rules you set are rendered as a password strength bar. By clicking the question mark, the user can review the specified rules.
Rule 5: Specify the Maximum Invalid Login Attempts
This rule sets the maximum number of times a user can provide an incorrect password before their account gets locked out. You may choose between one and ten attempts.
Reset Sender’s Password through API
As the account manager, if one of your account members forgets their password, OneSpan Sign lets you initiate a password reset email that is sent to the sender’s email address.
Step 1: Get Sender’s ID
To send the reset password email, you will need the sender ID, which you can look up by the sender’s first name, last name, or email address using the API request below.
HTTP Request
GET /api/account/senders?from=1&to=100&search={firstName/lastName/Email}
HTTP Headers
Accept: application/json
Content-Type: application/json
Authorization: Basic api_key
Response Payload
{
  "results": [
    {
      "address": null,
      "company": "your_company_name",
      "timezoneId": "EST",
      "created": "2019-07-30T15:52:49Z",
      "email": "[email protected]",
      "external": null,
      "firstName": "Mary",
      "language": "en",
      "lastName": "Doe",
      "phone": "",
      "professionalIdentityFields": [],
      "signature": null,
      "title": null,
      "updated": "2019-07-30T15:52:49Z",
      "userCustomFields": [],
      "specialTypes": [],
      "passwordTimestamp": null,
      "id": "IkV7ykSic6EU",
      "status": "ACTIVE",
      "locked": null,
      "memberships": [],
      "activated": null,
      "account": {...},
      "name": "",
      "type": "REGULAR",
      "data": {...},
      "hasDelegates": false
    }
  ],
  "count": 1
}
The "search" parameter filters the search results: only users whose first name, last name, or email address matches the string are listed. A wildcard search is performed by default, so searching for "@example.com" returns all senders with this email domain. The “id” attribute in the response payload is the value you need.
Step 2: Send Reset Password Email
Next, you can send the reset password email using the API request illustrated below:
HTTP Request
POST /api/account/senders/{senderId}/resetpassword
HTTP Headers
Accept: application/json
Content-Type: application/json
Authorization: Basic api_key
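The two steps chained together, as an added example that is not OneSpan's own code. Because the search in Step 1 is a wildcard match, the script keeps only the sender whose email matches exactly and refuses to send a reset when zero or several senders match. The host in BASE_URL, the helper names, the case-insensitive email comparison and the sample response are assumptions made for illustration.

```python
import json
import urllib.parse
import urllib.request

BASE_URL = "https://api.example.invalid"  # assumption: placeholder host
API_KEY = "api_key"                       # placeholder, as written on the page

def http_call(method, path):
    """Send one request with the headers shown on the page; return parsed JSON or None."""
    req = urllib.request.Request(
        BASE_URL + path, method=method,
        data=b"" if method == "POST" else None,
        headers={"Accept": "application/json", "Content-Type": "application/json",
                 "Authorization": "Basic " + API_KEY})
    with urllib.request.urlopen(req, timeout=10) as resp:
        body = resp.read()
    return json.loads(body) if body else None

def find_sender_id(email, call=http_call):
    """Step 1: wildcard search, then keep only the exact email match."""
    query = urllib.parse.urlencode({"from": 1, "to": 100, "search": email})
    payload = call("GET", "/api/account/senders?" + query) or {}
    ids = [s["id"] for s in payload.get("results", [])
           if (s.get("email") or "").lower() == email.lower()]
    if len(ids) != 1:  # zero or several hits: refuse rather than guess
        raise LookupError(f"expected one sender for {email!r}, found {len(ids)}")
    return ids[0]

def reset_sender_password(email, call=http_call):
    """Step 2: trigger the reset email for the single sender found in step 1."""
    sender_id = urllib.parse.quote(find_sender_id(email, call), safe="")
    call("POST", f"/api/account/senders/{sender_id}/resetpassword")
    return sender_id

# Constructed sample response: the wildcard search for "mary@example.com"
# also returns "rosemary@example.com".
SAMPLE = {"results": [{"id": "constructedId01", "email": "rosemary@example.com"},
                      {"id": "constructedId02", "email": "mary@example.com"}], "count": 2}

def fake_call(method, path, log=None):
    """Offline stand-in for http_call that records requests and replays SAMPLE."""
    if log is not None:
        log.append((method, path))
    return SAMPLE if method == "GET" else None

if __name__ == "__main__":
    print(reset_sender_password("mary@example.com", call=fake_call))
```

Run as a script, it uses the offline stand-in; pass nothing for `call` to use the real transport once BASE_URL and API_KEY are set.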
After running the code, your sender should receive a reset password email.
The link in the email leads the user to the reset password page.
Through this blog series, we’ve covered all the password policies that help your senders create more reliable and secure passwords. Also, the information above should be enough for you to implement a workflow to reset the password through the API.
If you have any questions regarding this blog or any other concerns about integrating OneSpan Sign into your application, visit the Developer Community Forums. Your feedback is important to us!