Manage password history settings

Modify password history settings
Open Recipe

Manages the password history settings for an entity type. Password history tracks as many as the last 10 password employed by a user, and prevents the user from setting their password to any of those prior password values. By default, Identity Cloud doesn't place any restrictions on pass word reuse. That means that, among other things, a user can continually "reset" their password to their existing password.

Password history (also known. as "unique password enforcement") works by speciifying the number of passwords Identity Cloud retains for each user. For example suppose password history is set to 2, meaning that the user's last two passwords are retained. Suppose, in turn, that a user uses the password password1, then changes their password to password2. That user's password history will look like this:

  • password2
  • password1

The next time the user changes their password they won't be able to reuse either of those passwords. However, if the user changes their password to password3 then their password history will look like this:

  • password3
  • password2

Because it's no longer in the password history the user is once again allowed to use password1.

Note that password history is applied to an entity type. You can't specify different history settings for individual users: all users in the entity type get the same password history settings.

See Unique password enforcement for more information.


This operation supports Basic authentication. See Get started for more information.

Base URL

The base URL for this operation is your Identity Cloud Capture domain; for example:

Your Capture domain (also known as a Registration domain) can be found in Console on the Manage Application page.


Example request: Set password history to 7

This example sets the passhistory for the user entity type to 7:

curl -L -X POST \
  'https://' \
  -H 'Authorization: Basic bmtmcW5iZDN0NGU1NW55YnIzbW5uaHB6czg3NTY0bng6c2VtdTJoc3A0NmQ0ajhzNWZ4eHJ6Y25jY2EybnI1dGU=' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'settings={"historySize": 7}' \
  --data-urlencode 'type_name=user' \
  --data-urlencode 'application_id=3vadba3vhqpkdgtsrqd4st76m3'

Example response

If your API call succeeds the response contains the new password history setting:

    "settings": {
        "historySize": 7
    "stat": "ok"


All parameters need to be configured as x-www-form-urlencoded body parameters.

spplication_idstringUnique identifier of your Identity Cloud application. You can find your application ID on Console’s ****Manage Application page.
type_namestringName of the entity types that stores your user profiles.
settingsJSON objectJSON object containing the historySize property, the property used for password history settings. This value can be set to any integer between 0 and 10 (inclusive), and specifies the number of passwords that Identity Cloud retains for each user. Setting historySize to 0 disables password history.