[security_compliance] disable_user_account_days_inactive = |
(IntOpt) The maximum number of days a user can go without authenticating before being considered “inactive” and automatically disabled (locked). |
[security_compliance] lockout_failure_attempts = |
(IntOpt) The maximum number of times that a user can fail to authenticate before the user account is locked. |
[security_compliance] lockout_duration = 1800 |
(IntOpt) The number of seconds a user account will be locked when the maximum number of failed authentication attempts is exceeded. |
[security_compliance] password_expires_days = <None> |
(IntOpt) The number of days for which a password will be considered valid before requiring it to be changed. |
[security_compliance] password_expires_ignore_user_ids = |
(StrOpt) User IDs to be ignored when checking if a password is expired. |
[security_compliance] unique_last_password_count = 1 |
(IntOpt) Controls the number of previous user password iterations to keep in history, in order to enforce that newly created passwords are unique. |
[security_compliance] minimum_password_age = 0 |
(IntOpt)The number of days that a password must be used before the user can change it. |
[security_compliance] password_regex = <None> |
(StrOpt) Validate password strength requirements. |
[security_compliance] password_regex_description = <None> |
(StrOpt) Humans language to describe password regular expression. |
[token] cache_on_issue = false |
(BoolOpt) Enable storing issued token data to token validation cache so that first token validation doesn’t actually cause full validation cycle. |