Common API Tasks🐈: Update password rules

Common API Tasks: Update password rules

Welcome to a marvelous new edition of the CAT🐈 (Common API Tasks) blog series. The CAT blogs provide all you need to complete small, specific, SDK-supported tasks using one of our APIs. You can find all articles in this series on the Docusign Developer Blog. 

In today’s edition we’re going to talk about passwords: those little annoying pieces of text one has to enter to authenticate into some online service. In our case, we’re talking about the Docusign account password. Administrators of a given Docusign account can control the password rules for every user of the account. They can decide how complex a password must be in order to be used to access Docusign. This includes the minimum character length as well as requirements to include certain characters. 

The administrators can modify these requirements by going to the Docusign eSignature Settings page and, under Security Settings, selecting SHOW PASSWORD RULES, which will pop up the following dialog:

Password rules dialog box

However, all of the settings in this dialog can also be modified programmatically using the eSignature REST API, and that’s what I’m about to show you. 

The following code snippets demonstrate how to first check the minimum allowed password length. Then, if it’s not at least 8 characters, the code makes another API call to update the password rules and set the minimum password length to 8. There are other things you can change here and you can explore them on your own. 

Note: The access token for making API calls in the code examples below must come from a user with administrator privileges. These settings are account-wide and are not just for the logged-in user. 

Also note that in this case, if a user had a password with, say, 7 characters, they would still be able to log in to Docusign after you make this change. However, after they log in, they’ll be prompted to change their password and make it compliant with the new policy.

And without further ado, here are the six code snippets:


var apiClient = new ApiClient(basePath);
// You will need to obtain an access token using your chosen authentication flow
apiClient.Configuration.DefaultHeader.Add("Authorization", "Bearer " + accessToken);
AccountsApi accountsApi = new AccountsApi(apiClient);
var accountPasswordRules = accountsApi.GetPasswordRules(accountId);
int minPassword = int.Parse(accountPasswordRules.MinimumPasswordLength);
if (minPassword < 8)
    accountPasswordRules.MinimumPasswordLength = "8";
    accountsApi.UpdatePasswordRules(accountId, accountPasswordRules);    


// You will need to obtain an access token using your chosen authentication flow 
Configuration config = new Configuration(new ApiClient(basePath));
config.addDefaultHeader("Authorization", "Bearer " + accessToken);
AccountsApi accountsApi = new AccountsApi(config);
AccountPasswordRules accountPasswordRules = accountsApi.GetPasswordRules(accountId);
int minPassword = parseInt(accountPasswordRules.getMinimumPasswordLength());
if (minPassword < 8)
    accountsApi.UpdatePasswordRules(accountId, accountPasswordRules);   


// You will need to obtain an access token using your chosen authentication flow 
let dsApiClient = new docusign.ApiClient();
dsApiClient.addDefaultHeader('Authorization', 'Bearer ' + accessToken);
let accountsApi = new docusign.AccountsApi(apiClient);
let accountPasswordRules = accountsApi.getPasswordRules(accountId);
let minPassword = accountPasswordRules.MinimumPasswordLength;
if (minPassword < 8)
    accountPasswordRules.minimumPasswordLength = "8";
    accountsApi.updatePasswordRules(accountId, accountPasswordRules);          


# You will need to obtain an access token using your chosen authentication flow 
$api_client = new \Docusign\eSign\client\ApiClient($base_path);
$config = new \Docusign\eSign\Model\Configuration($api_client);
$config->addDefaultHeader('Authorization', 'Bearer ' + $access_token);
$account_api = new \Docusign\eSign\Api\AccountsApi($api_client);
$account_password_rules = $accounts_api->getPasswordRules(accountId);
$min_password = intval($account_password_rules->getMinimumPasswordLength());
if ($min_password < 8)
    $accounts_api->updatePasswordRules($account_id, $account_password_rules);           


# You will need to obtain an access token using your chosen authentication flow 
api_client = ApiClient()
api_client.set_default_header('Authorization', 'Bearer ' + access_token)
accounts_api = AccountsApi(api_client)
account_password_rules = accounts_api.get_password_rules(account_id)
min_password = int(account_password_rules.minimum_password_length)
if min_password < 8:
    account_password_rules.minimum_password_ength = '8'
    accounts_api.update_password_rules(account_id, account_password_rules)


# You will need to obtain an access token using your chosen authentication flow 
config = = base_path
api_client = config
api_client.DefaultHeader['Authorization'] = 'Bearer ' + access_token
accounts_api = api_client
account_password_rules = accounts_api.get_password_rules(account_id)
min_password = account_password_rules.minimum_password_length + 0
if min_password < 8
    account_password_rules.minimum_password_ength = '8'
    accounts_api.update_password_rules(account_id, account_password_rules)

And that’s a wrap! I hope you found it useful. If you have any questions, comments, or suggestions for topics for future Common API Tasks posts, feel free to email me. Until next time...

Additional resources

Inbar Gazit
Inbar Gazit
Sr. Manager, Developer Content