Identity Provider API, REST: Userpool.Create
- HTTP request
- Body parameters
- UserSettings
- PasswordQualityPolicy
- RequiredClasses
- MinLengthByClassSettings
- Fixed
- Smart
- PasswordLifetimePolicy
- BruteforceProtectionPolicy
- Response
- CreateUserpoolMetadata
- Status
- Userpool
- UserSettings
- PasswordQualityPolicy
- RequiredClasses
- MinLengthByClassSettings
- Fixed
- Smart
- PasswordLifetimePolicy
- BruteforceProtectionPolicy
Creates a userpool in the specified organization.
HTTP request
POST https://organization-manager.api.cloud.yandex.net/organization-manager/v1/idp/userpools
Body parameters
{
"organizationId": "string",
"name": "string",
"description": "string",
"labels": "object",
"defaultSubdomain": "string",
"userSettings": {
"allowEditSelfPassword": "boolean",
"allowEditSelfInfo": "boolean",
"allowEditSelfContacts": "boolean",
"allowEditSelfLogin": "boolean"
},
"passwordQualityPolicy": {
"allowSimilar": "boolean",
"maxLength": "string",
"minLength": "string",
"matchLength": "string",
"requiredClasses": {
"lowers": "boolean",
"uppers": "boolean",
"digits": "boolean",
"specials": "boolean"
},
"minLengthByClassSettings": {
"one": "string",
"two": "string",
"three": "string"
},
// Includes only one of the fields `fixed`, `smart`
"fixed": {
"lowersRequired": "boolean",
"uppersRequired": "boolean",
"digitsRequired": "boolean",
"specialsRequired": "boolean",
"minLength": "string"
},
"smart": {
"oneClass": "string",
"twoClasses": "string",
"threeClasses": "string",
"fourClasses": "string"
}
// end of the list of possible fields
},
"passwordLifetimePolicy": {
"minDaysCount": "string",
"maxDaysCount": "string"
},
"bruteforceProtectionPolicy": {
"window": "string",
"block": "string",
"attempts": "string"
}
}
Request to create a userpool.
|
Field |
Description |
|
organizationId |
string Required field. ID of the organization to create a userpool in. The maximum string length in characters is 50. |
|
name |
string Required field. Name of the userpool. Value must match the regular expression |
|
description |
string Description of the userpool. The maximum string length in characters is 256. |
|
labels |
object (map<string, string>) Resource labels as key:value pairs. No more than 64 per resource. The maximum string length in characters for each value is 63. Each value must match the regular expression |
|
defaultSubdomain |
string Required field. Default subdomain for the userpool. The maximum string length in characters is 63. |
|
userSettings |
User settings for the userpool. |
|
passwordQualityPolicy |
Password quality policy for the userpool. |
|
passwordLifetimePolicy |
Password lifetime policy for the userpool. |
|
bruteforceProtectionPolicy |
Bruteforce protection policy for the userpool. |
UserSettings
Settings that control user capabilities within a userpool.
|
Field |
Description |
|
allowEditSelfPassword |
boolean Whether users can change their own passwords. |
|
allowEditSelfInfo |
boolean Whether users can edit their own profile information. |
|
allowEditSelfContacts |
boolean Whether users can edit their own contact information. |
|
allowEditSelfLogin |
boolean Whether users can edit their own login information. |
PasswordQualityPolicy
Policy that defines password quality requirements.
|
Field |
Description |
|
allowSimilar |
boolean Whether passwords similar to previous ones are allowed. |
|
maxLength |
string (int64) Maximum password length. Zero means no maximum length is enforced. The minimum value is 0. |
|
minLength |
string (int64) Minimum password length. The minimum value is 0. |
|
matchLength |
string (int64) Minimum length of substrings to check for similarity to vulnerable sequences. The minimum value is 0. |
|
requiredClasses |
Character classes required in passwords. |
|
minLengthByClassSettings |
Minimum length requirements based on character class diversity. |
|
fixed |
Fixed complexity requirements. Exactly one of complexity requirements must be specified. Includes only one of the fields Defines password complexity policy. |
|
smart |
Smart complexity requirements. Exactly one of complexity requirements must be specified. Includes only one of the fields Defines password complexity policy. |
RequiredClasses
Character classes that can be required in passwords.
|
Field |
Description |
|
lowers |
boolean Whether lowercase letters are required. |
|
uppers |
boolean Whether uppercase letters are required. |
|
digits |
boolean Whether digits are required. |
|
specials |
boolean Whether special characters are required. |
MinLengthByClassSettings
Minimum password length requirements based on character class diversity.
|
Field |
Description |
|
one |
string (int64) Minimum length for passwords with one character class. The minimum value is 0. |
|
two |
string (int64) Minimum length for passwords with two character classes. The minimum value is 0. |
|
three |
string (int64) Minimum length for passwords with three character classes. The minimum value is 0. |
Fixed
Fixed complexity policy enforces uniform password rules with required character classes and minimum length.
|
Field |
Description |
|
lowersRequired |
boolean Whether lowercase letters are required in the password. |
|
uppersRequired |
boolean Whether uppercase letters are required in the password. |
|
digitsRequired |
boolean Whether digits are required in the password. |
|
specialsRequired |
boolean Whether special characters are required in the password. |
|
minLength |
string (int64) Minimum length required for all passwords. The minimum value is 0. |
Smart
Smart complexity policy applies adaptive requirements based on character class diversity.
Zero value means passwords with this number of classes are forbidden.
|
Field |
Description |
|
oneClass |
string (int64) For passwords with one class of characters The minimum value is 0. |
|
twoClasses |
string (int64) For passwords with two classes of characters The minimum value is 0. |
|
threeClasses |
string (int64) For passwords with three classes of characters The minimum value is 0. |
|
fourClasses |
string (int64) For passwords with all four classes of characters The minimum value is 0. |
PasswordLifetimePolicy
Policy that defines password lifetime requirements.
|
Field |
Description |
|
minDaysCount |
string (int64) Minimum number of days before a password can be changed. The minimum value is 0. |
|
maxDaysCount |
string (int64) Maximum number of days a password remains valid. The minimum value is 0. |
BruteforceProtectionPolicy
Policy that defines protection against brute force attacks.
Zero or empty values disable bruteforce protection.
|
Field |
Description |
|
window |
string (duration) Time window for counting failed authentication attempts. |
|
block |
string (duration) Duration of the block after too many failed attempts. |
|
attempts |
string (int64) Number of failed attempts allowed within the window before blocking. Value must be greater than 0. |
Response
HTTP Code: 200 - OK
{
"id": "string",
"description": "string",
"createdAt": "string",
"createdBy": "string",
"modifiedAt": "string",
"done": "boolean",
"metadata": {
"userpoolId": "string"
},
// Includes only one of the fields `error`, `response`
"error": {
"code": "integer",
"message": "string",
"details": [
"object"
]
},
"response": {
"id": "string",
"organizationId": "string",
"name": "string",
"description": "string",
"labels": "object",
"createdAt": "string",
"updatedAt": "string",
"domains": [
"string"
],
"status": "string",
"userSettings": {
"allowEditSelfPassword": "boolean",
"allowEditSelfInfo": "boolean",
"allowEditSelfContacts": "boolean",
"allowEditSelfLogin": "boolean"
},
"passwordQualityPolicy": {
"allowSimilar": "boolean",
"maxLength": "string",
"minLength": "string",
"matchLength": "string",
"requiredClasses": {
"lowers": "boolean",
"uppers": "boolean",
"digits": "boolean",
"specials": "boolean"
},
"minLengthByClassSettings": {
"one": "string",
"two": "string",
"three": "string"
},
// Includes only one of the fields `fixed`, `smart`
"fixed": {
"lowersRequired": "boolean",
"uppersRequired": "boolean",
"digitsRequired": "boolean",
"specialsRequired": "boolean",
"minLength": "string"
},
"smart": {
"oneClass": "string",
"twoClasses": "string",
"threeClasses": "string",
"fourClasses": "string"
}
// end of the list of possible fields
},
"passwordLifetimePolicy": {
"minDaysCount": "string",
"maxDaysCount": "string"
},
"bruteforceProtectionPolicy": {
"window": "string",
"block": "string",
"attempts": "string"
}
}
// end of the list of possible fields
}
An Operation resource. For more information, see Operation.
|
Field |
Description |
|
id |
string ID of the operation. |
|
description |
string Description of the operation. 0-256 characters long. |
|
createdAt |
string (date-time) Creation timestamp. String in RFC3339 text format. The range of possible values is from To work with values in this field, use the APIs described in the |
|
createdBy |
string ID of the user or service account who initiated the operation. |
|
modifiedAt |
string (date-time) The time when the Operation resource was last modified. String in RFC3339 text format. The range of possible values is from To work with values in this field, use the APIs described in the |
|
done |
boolean If the value is |
|
metadata |
Service-specific metadata associated with the operation. |
|
error |
The error result of the operation in case of failure or cancellation. Includes only one of the fields The operation result. |
|
response |
The normal response of the operation in case of success. Includes only one of the fields The operation result. |
CreateUserpoolMetadata
Metadata for the UserpoolService.Create operation.
|
Field |
Description |
|
userpoolId |
string ID of the userpool that is being created. |
Status
The error result of the operation in case of failure or cancellation.
|
Field |
Description |
|
code |
integer (int32) Error code. An enum value of google.rpc.Code. |
|
message |
string An error message. |
|
details[] |
object A list of messages that carry the error details. |
Userpool
A userpool is a container for users in the Identity Provider system.
|
Field |
Description |
|
id |
string Unique identifier of the userpool. |
|
organizationId |
string ID of the organization this userpool belongs to. |
|
name |
string Name of the userpool. |
|
description |
string Description of the userpool. |
|
labels |
object (map<string, string>) Resource labels as key:value pairs. |
|
createdAt |
string (date-time) Timestamp when the userpool was created. String in RFC3339 text format. The range of possible values is from To work with values in this field, use the APIs described in the |
|
updatedAt |
string (date-time) Timestamp when the userpool was last updated. String in RFC3339 text format. The range of possible values is from To work with values in this field, use the APIs described in the |
|
domains[] |
string List of domains associated with this userpool. |
|
status |
enum (Status) Current status of the userpool.
|
|
userSettings |
User settings for this userpool. |
|
passwordQualityPolicy |
Password quality policy for this userpool. |
|
passwordLifetimePolicy |
Password lifetime policy for this userpool. |
|
bruteforceProtectionPolicy |
Bruteforce protection policy for this userpool. |
UserSettings
Settings that control user capabilities within a userpool.
|
Field |
Description |
|
allowEditSelfPassword |
boolean Whether users can change their own passwords. |
|
allowEditSelfInfo |
boolean Whether users can edit their own profile information. |
|
allowEditSelfContacts |
boolean Whether users can edit their own contact information. |
|
allowEditSelfLogin |
boolean Whether users can edit their own login information. |
PasswordQualityPolicy
Policy that defines password quality requirements.
|
Field |
Description |
|
allowSimilar |
boolean Whether passwords similar to previous ones are allowed. |
|
maxLength |
string (int64) Maximum password length. Zero means no maximum length is enforced. The minimum value is 0. |
|
minLength |
string (int64) Minimum password length. The minimum value is 0. |
|
matchLength |
string (int64) Minimum length of substrings to check for similarity to vulnerable sequences. The minimum value is 0. |
|
requiredClasses |
Character classes required in passwords. |
|
minLengthByClassSettings |
Minimum length requirements based on character class diversity. |
|
fixed |
Fixed complexity requirements. Exactly one of complexity requirements must be specified. Includes only one of the fields Defines password complexity policy. |
|
smart |
Smart complexity requirements. Exactly one of complexity requirements must be specified. Includes only one of the fields Defines password complexity policy. |
RequiredClasses
Character classes that can be required in passwords.
|
Field |
Description |
|
lowers |
boolean Whether lowercase letters are required. |
|
uppers |
boolean Whether uppercase letters are required. |
|
digits |
boolean Whether digits are required. |
|
specials |
boolean Whether special characters are required. |
MinLengthByClassSettings
Minimum password length requirements based on character class diversity.
|
Field |
Description |
|
one |
string (int64) Minimum length for passwords with one character class. The minimum value is 0. |
|
two |
string (int64) Minimum length for passwords with two character classes. The minimum value is 0. |
|
three |
string (int64) Minimum length for passwords with three character classes. The minimum value is 0. |
Fixed
Fixed complexity policy enforces uniform password rules with required character classes and minimum length.
|
Field |
Description |
|
lowersRequired |
boolean Whether lowercase letters are required in the password. |
|
uppersRequired |
boolean Whether uppercase letters are required in the password. |
|
digitsRequired |
boolean Whether digits are required in the password. |
|
specialsRequired |
boolean Whether special characters are required in the password. |
|
minLength |
string (int64) Minimum length required for all passwords. The minimum value is 0. |
Smart
Smart complexity policy applies adaptive requirements based on character class diversity.
Zero value means passwords with this number of classes are forbidden.
|
Field |
Description |
|
oneClass |
string (int64) For passwords with one class of characters The minimum value is 0. |
|
twoClasses |
string (int64) For passwords with two classes of characters The minimum value is 0. |
|
threeClasses |
string (int64) For passwords with three classes of characters The minimum value is 0. |
|
fourClasses |
string (int64) For passwords with all four classes of characters The minimum value is 0. |
PasswordLifetimePolicy
Policy that defines password lifetime requirements.
|
Field |
Description |
|
minDaysCount |
string (int64) Minimum number of days before a password can be changed. The minimum value is 0. |
|
maxDaysCount |
string (int64) Maximum number of days a password remains valid. The minimum value is 0. |
BruteforceProtectionPolicy
Policy that defines protection against brute force attacks.
Zero or empty values disable bruteforce protection.
|
Field |
Description |
|
window |
string (duration) Time window for counting failed authentication attempts. |
|
block |
string (duration) Duration of the block after too many failed attempts. |
|
attempts |
string (int64) Number of failed attempts allowed within the window before blocking. Value must be greater than 0. |