keystone/releasenotes/notes/bp-password-expires-validat...

14 lines
589 B
YAML

---
features:
- >
[`blueprint password-expires-validation <https://blueprints.launchpad.net/keystone/+spec/password-expires-validation>`_]
Token responses will now have a ``password_expires_at`` field in the
``user`` object, this can be expressed briefly as::
{"token": {"user": {"password_expires_at": null}}}
If PCI support is enabled, via the ``[security_compliance]`` configuration
options, then the ``password_expires_at`` field will be populated with a
timestamp. Otherwise, it will default to ``null``, indicating the password
does not expire.