API: Changing the password policy

You can use Haiilo's API to define a custom password complexity policy for local user accounts. By default, Haiilo's password policy requires passwords to be at least six characters long and include one number.

The change in complexity applies to new users who are logging into Haiilo for the first time and those who are changing or resetting their passwords. The change via REST API has no effect on the Haiilo app.

To make calls to the Haiilo API, you need to authenticate first. You can find detailed information about authenticating and using the API here.

List current settings

  1. Make a GET request to the endpoint /api/settings/public to get a list of all public settings

The response should look similar to below:

    "linkPattern": "<link pattern>",
    "emailPattern": "<email pattern>",
    "networkName": "<network name>",
    "phonePattern": "<phone pattern>",
    "jsLogThrottle": "<js log throttle>",
    "passwordPattern": "^(?=.*\\d).{6,}$"

Update password pattern

  1. Copy the entire response body from the earlier call
  2. Enter the entire copied response in the request body.
  3. Make the desired changes to passwordPattern. The pattern must be written in RegEx following the rules in the table. You can view an example pattern below.
    Pattern characters Rule
    ^ The password string must begin with this character
    (?=.*[a-z]) The password must contain at least one lower-case letter
    (?=.*[A-Z]) The password must contain at least one upper-case letter
    (?=.*[0-9]) The password must contain at least one number
    (?=.*[!@#\\$%\\^&]) The password must contain at least one special character
    .{8,}$ The password must be at least 8 characters long
  4. Make a PUT request to the endpoint /api/settings

Example pattern

Below is an example of a password pattern written in RegEx.


The pattern has the following complexity:

  • At least 10 characters long
  • Contains at least one special character (!\$%&#)
  • Contains at least one number (0-9)
  • Contains at least one upper-case letter 

Was this article helpful?