RESTAPI:Password operations
Cryptshare Server administrators are able to set-up various password requirements. In order to check the requirements or to validate or generate passwords, several endpoints exist to assist.
Request a generated password
With this endpoint the consumer can request a server-side generated password in the response body that fulfills all password requirements.
GET https://<your-url>/api/password
Validate a custom password
Before setting a transfer password in the Edit Password endpoint, the consumer would be able to validate their custom password first, to check if it fulfills all password requirements.
If the password does not fulfill certain requirements, these are listed in the response body.
POST https://<your-url>/api/password
| Description | Rule name |
|---|---|
| If whitespaces are forbidden | whitespacesDeclined |
| If alphabetical sequences like "abc" are forbidden | alphabeticalSequenceDeclined |
| If numeric sequences like "123" are forbidden | numericSequenceDeclined |
| If sequences found on keyboards are forbidden like "qwerty" | keyboardSequenceDeclined |
| If the blocklisted characters are forbidden. (Manually configurable by the Cryptshare Server administrator) | blacklistedCharactersDeclined |
| If directly repeated characters are forbidden like (Flussschifffahrt with sss and fff) | repeatedCharactersDeclined |
| If common words that can be found in dictionaries are forbidden. | dictionaryWordsDeclined |
| The minimum length of the password | minimumLengthRequired |
| The maximum length of the password | maximumLengthRequired |
| If letters are required | lettersRequired |
| If special characters like !"§$ are required | specialCharactersRequired |
| If upper case characters are required | upperCaseRequired |
| If lower case characters are required | lowerCaseRequired |
| If digits are required. |
Request password requirements
The consumer is able to receive a list of all password requirements that have to be fulfilled, so that the password is allowed as a transfer password.
The same properties like in the "Validate a custom password" request are used.
GET https://<your-url>/api/password/requirements