keystone/releasenotes/notes/bp-password-expires-validation-4b32fe7032595932.yaml
Steve Martinelli 5e2cc88ce7 clean up release notes for ocata
Change-Id: I9f4d47518f1a1ab184d6cefb2b251aaad38e113a
2017-01-27 14:36:54 +00:00

14 lines
589 B
YAML

---
features:
- >
[`blueprint password-expires-validation <https://blueprints.launchpad.net/keystone/+spec/password-expires-validation>`_]
Token responses will now have a ``password_expires_at`` field in the
``user`` object, this can be expressed briefly as::
{"token": {"user": {"password_expires_at": null}}}
If PCI support is enabled, via the ``[security_compliance]`` configuration
options, then the ``password_expires_at`` field will be populated with a
timestamp. Otherwise, it will default to ``null``, indicating the password
does not expire.