Get Password Complexity Settings

GET /policies/password/complexity

Returns the password complexity settings configured on the organization. The settings specify how a password should look (characters, length, etc.)

Request

Header Parameters

x-zitadel-orgid string

The default is always the organization of the requesting user. If you like to get/set a result of another organization include the header. Make sure the user has permission to access the requested data.

Responses

200
default

A successful response.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

policy

object

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

minLength uint64

hasUppercase boolean

defines if the password MUST contain an upper case letter

hasLowercase boolean

defines if the password MUST contain a lowercase letter

hasNumber boolean

defines if the password MUST contain a number

hasSymbol boolean

defines if the password MUST contain a symbol. E.g. "$"

isDefault boolean

defines if the organization's admin changed the policy

isDefault deprecated: is_default is also defined in zitadel.policy.v1.PasswordComplexityPolicy (boolean)

Deprecated: Is defined in the policy itself

{
  "policy": {
    "details": {
      "sequence": "2",
      "creationDate": "2025-05-08T15:15:58.470Z",
      "changeDate": "2025-05-08T15:15:58.470Z",
      "resourceOwner": "69629023906488334"
    },
    "minLength": "8",
    "hasUppercase": true,
    "hasLowercase": true,
    "hasNumber": true,
    "hasSymbol": true,
    "isDefault": true
  },
  "isDefault": true
}

Schema
Example (from schema)

Schema

policy

object

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

minLength uint64

hasUppercase boolean

defines if the password MUST contain an upper case letter

hasLowercase boolean

defines if the password MUST contain a lowercase letter

hasNumber boolean

defines if the password MUST contain a number

hasSymbol boolean

defines if the password MUST contain a symbol. E.g. "$"

isDefault boolean

defines if the organization's admin changed the policy

isDefault deprecated: is_default is also defined in zitadel.policy.v1.PasswordComplexityPolicy (boolean)

Deprecated: Is defined in the policy itself

{
  "policy": {
    "details": {
      "sequence": "2",
      "creationDate": "2025-05-08T15:15:58.470Z",
      "changeDate": "2025-05-08T15:15:58.470Z",
      "resourceOwner": "69629023906488334"
    },
    "minLength": "8",
    "hasUppercase": true,
    "hasLowercase": true,
    "hasNumber": true,
    "hasSymbol": true,
    "isDefault": true
  },
  "isDefault": true
}

Schema
Example (from schema)

Schema

policy

object

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

minLength uint64

hasUppercase boolean

defines if the password MUST contain an upper case letter

hasLowercase boolean

defines if the password MUST contain a lowercase letter

hasNumber boolean

defines if the password MUST contain a number

hasSymbol boolean

defines if the password MUST contain a symbol. E.g. "$"

isDefault boolean

defines if the organization's admin changed the policy

isDefault deprecated: is_default is also defined in zitadel.policy.v1.PasswordComplexityPolicy (boolean)

Deprecated: Is defined in the policy itself

{
  "policy": {
    "details": {
      "sequence": "2",
      "creationDate": "2025-05-08T15:15:58.471Z",
      "changeDate": "2025-05-08T15:15:58.471Z",
      "resourceOwner": "69629023906488334"
    },
    "minLength": "8",
    "hasUppercase": true,
    "hasLowercase": true,
    "hasNumber": true,
    "hasSymbol": true,
    "isDefault": true
  },
  "isDefault": true
}

An unexpected error response.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Get Password Complexity Settings

/policies/password/complexity

Request​

Header Parameters

Responses​

Request

Responses