Name Type Description
doNotAllowUsername Boolean

Set to true to disallow the username as part of the password.

Default is false.

maxPasswordAge Number

Set the number of days after which a password expires. Login attempts fail if the user does not reset the password before expiration.

maxPasswordHistory Number

Set the number of previous password that will not be allowed to be set as new password. If the option is not set or set to 0, no previous passwords will be considered.

Valid values are >= 0 and <= 20.
Default is 0.

resetTokenReuseIfValid Boolean

Set to true if a password reset token should be reused in case another token is requested but there is a token that is still valid, i.e. has not expired. This avoids the often observed issue that a user requests multiple emails and does not know which link contains a valid token because each newly generated token would invalidate the previous token.

Default is false.

resetTokenValidityDuration Number

Set the validity duration of the password reset token in seconds after which the token expires. The token is used in the link that is set in the email. After the token expires, the link becomes invalid and a new link has to be sent. If the option is not set or set to undefined, then the token never expires.

For example, to expire the token after 2 hours, set a value of 7200 seconds (= 60 seconds * 60 minutes * 2 hours).

Default is undefined.

validationError String

Set the error message to be sent.

Default is Password does not meet the Password Policy requirements.

validatorCallback function

Set a callback function to validate a password to be accepted.

If used in combination with validatorPattern, the password must pass both to be accepted.

validatorPattern String

Set the regular expression validation pattern a password must match to be accepted.

If used in combination with validatorCallback, the password must pass both to be accepted.