Password expiry
Configure password expiration for user and service accounts
SnapLogic Environment admins can configure password expiration for user and service accounts. Passwords can be expired immediately or periodically, in a specified number of days. With periodic expiration, the expiration notice period determines how far in advance users start receiving a notification to reset their password.
Limitations include:
- You can only expire passwords for users whose accounts are all in environments where you have administrative privileges.
For example, if Tom has an account in environment
dev
and environmentprod
, but you are only an Environment admin inprod
, his password will not expire when you click Expire all passwords. - Password expiration does not apply to users who log in using SSO.
User accounts with expired passwords:
- Cannot invoke SnapLogic Public APIs.
- Scheduled Tasks they created stop running.
- Must reset the account password by providing the old password and creating a new one. This applies to the API for updating user accounts and to UI logins.
By default, password expiration is disabled with a value of 0 days:
Controls include:
- Expiration period: Set the number of days before all passwords expire, including those for service accounts. Valid values are from 0, which means passwords do not expire, to 90 days. The default value is 0 days, no expiration.
- Expiration notice period: Set the number of days before expiration when users start receiving notices to reset their passwords. The notification displays on login. The notice period value can be from 1 to 14 days. The default value is 14 days.
- Expire all passwords: Immediately signs out all users, including you, and forces all users to reset their passwords.