mirror of
https://github.com/zitadel/zitadel.git
synced 2025-02-28 21:47:23 +00:00
27be460c07
* onboarding components, routing, steps * onboarding component, toc * fix onboarding mixin * header * refactor docs * fix layout * cleanup routing * docs routing * fix conventions * de en routing * docs, guide contents, nav * rem i18n support * fix routing from docs * rollup onwarn changes, preload * update svelte plugin, update rollup config * move docs * revert img style, remove code table * rem de completely * rollup optim, template * angular quickstart, quickstart overview page, update deps * fix link * pack, slug * prefetch binding, hidden links * export log * guards route ch * fix homepage * angular docs * docs * resolve fsh * overview * docs * docs * packages fix race condition * nav, home link * add vue, aspnet * doc optimizations * embed status pal * angular guide * angular guide * dotnet, angular guide * viewbox * typo * block onboarding route for non iam writers * set links from component data * fix: fetch org context in guard, more main cnt (#1192) * change get started guide, fix code blockquotes, typos * flutter guide * h2 spacing * highlight strong * plus * rm start sublinks * add proxy quickstart * regex * prevent outside click, fix project grant write Co-authored-by: Florian Forster <florian@caos.ch> Co-authored-by: Livio Amstutz <livio.a@gmail.com>
54 lines
1.2 KiB
Markdown
54 lines
1.2 KiB
Markdown
---
|
|
title: Policies
|
|
---
|
|
|
|
### What are policies
|
|
|
|
Policies are a means of enforcing certain behaviour of ZITADEL.
|
|
ZITADEL defines a default policy on the system level. However an organisation owner can change these aspects within his own organisation.
|
|
|
|
### Available policies
|
|
|
|
Below is a list of available policies
|
|
|
|
#### Password complexity
|
|
|
|
This policy enforces passwords of users within the organization to be compliant.
|
|
|
|
- min length
|
|
- has number
|
|
- has symbol
|
|
- has lower case
|
|
- has upper case
|
|
|
|
> Screenshot here
|
|
|
|
#### IAM Access Preference
|
|
|
|
If enabled, this policy enforces that usernames are suffixed with the organisations domain.
|
|
Under normal operation this policy is only false on the `global` organisation, so that users can choose their email as their username.
|
|
|
|
Only available for the [IAM Administrator](administrate#ZITADEL_Administrators).
|
|
|
|
> Screenshot here
|
|
|
|
#### Login Options
|
|
|
|
With this policy it is possible to define what options a user sees in the login process:
|
|
|
|
- Username Password allowed
|
|
- Self Register allowed
|
|
- External IDP allowed
|
|
- List of allowed external IDPs
|
|
|
|
> Screenshot here
|
|
|
|
#### Audit policy changes
|
|
|
|
> Screenshot here
|
|
|
|
### Upcoming Policies
|
|
|
|
- Password age
|
|
- Password failure count
|