Role Based Password Policies

Hi Team,
How can I create role-based password policies in ForgeRock Identity Cloud? I have multiple user personas and I need to create custom password policies for each of them.

Thanks

Hi @monalisa_m,

This is not supported out of the box, unfortunately. The option here would be to create one custom password attribute for each persona, then build the authentication tree so as to:

  • Identify the identity from the username (or mail) entered by the user, e.g. platform username collector + identify existing user node.
  • The user has also entered the password (platform password collector).
  • Set the userpassword value from the proper custom attribute, according to the user persona, via the idRepository object (state then must be saved).
  • Check the user credentials via the Datastore decision node.

Caution: I have not tested this, so I cannot guarantee it’s 100% a valid solution. Perhaps you might want to step back on this business requirement, as it incurs increased solution ownership costs due to its complexity, and see whether having a common policy would better suit the overall project.

Regards
Patrick
