[midPoint] Question about Password Secret Question Reset Policy Use

Peter Healy phealy3330 at gmail.com
Thu Apr 6 22:36:28 CEST 2017


Hi All,
I am currently in the process of replacing IBM ISIM with MidPoint. One of
the functions that ISIM does for us is that it exposes an API to all our
application to make calls on behalf of users to reset their passwords and
answer security questions to authorize the reset.

I found this example
https://github.com/Evolveum/midpoint/blob/master/samples/objects/security-policy-password.xml
that references resetMethod and resetType.
I also found this example
https://github.com/Evolveum/midpoint/blob/master/samples/objects/security-policy-security-questions.xml

But I'm not sure in which context to use them or how to integrate them into
my MidPoint installation.

Is there an API call that can be used by our application to query for the
secret questions or better yet supply the answers in the call and have
MidPoint validate the answers that were supplied?

Additionally I have already configured a reset password by Email policy for
MidPoint, which is working. Can I have both an email reset and a secret
question reset policy that co-exist or are they mutually exclusive?

Thanks,
Peter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170406/d78f1e2f/attachment.htm>


More information about the midPoint mailing list