logto/.changeset/yellow-yaks-bathe.md

---
"@logto/core": minor
"@logto/integration-tests": patch
---

add password policy checking api

Add `POST /api/sign-in-exp/default/check-password` API to check if the password meets the password policy configured in the default sign-in experience. A user ID is required for this API if rejects user info is enabled in the password policy.

Here's a non-normative example of the request and response:

```http
POST /api/sign-in-exp/default/check-password
Content-Type: application/json

{
  "password": "123",
  "userId": "some-user-id"
}
```

```http
400 Bad Request
Content-Type: application/json

{
  "result": false,
  "issues": [
    { "code": "password_rejected.too_short" },
    { "code": "password_rejected.character_types" },
    { "code": "password_rejected.restricted.sequence" }
  ]
}
```
feat(core): password checking api (#6567) * feat(core): password checking api * refactor(core): improve API response 2024-09-11 01:55:07 -05:00			`---`
			`"@logto/core": minor`
			`"@logto/integration-tests": patch`
			`---`

			`add password policy checking api`

			Add `POST /api/sign-in-exp/default/check-password` API to check if the password meets the password policy configured in the default sign-in experience. A user ID is required for this API if rejects user info is enabled in the password policy.

			`Here's a non-normative example of the request and response:`

			```http
			`POST /api/sign-in-exp/default/check-password`
			`Content-Type: application/json`

			`{`
			`"password": "123",`
			`"userId": "some-user-id"`
			`}`
			```

			```http
			`400 Bad Request`
			`Content-Type: application/json`

			`{`
			`"result": false,`
			`"issues": [`
			`{ "code": "password_rejected.too_short" },`
			`{ "code": "password_rejected.character_types" },`
			`{ "code": "password_rejected.restricted.sequence" }`
			`]`
			`}`
			```