function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Amol DixitAmol Dixit 

Salesforce API's for "Salesforce Password policies"



I want to get User level Salesforce Password policies fields such as


1) User password Expire in

2) Minimum password length. etc.


To enforce it on my custom password, whether it is following it or not? (In custom page with APEX and VF)


What objects are used for this, I have searched it, but couldn't found. Is there any API provided for this?


Thank you.


Warm Regards,

Amol Dixit.




Hope this will help :


Please accept my answer as a solution if my solution was helpful. This will make it available to others as a proper answer. If you felt that I went above and beyond please give me Kudos by clicking on on the star icon.



Cool Sfdc

Amol DixitAmol Dixit



Thanks for your reply.


I know this functionality from UI.



But want to know the API's provided in salesforce (APEX). Because I have custom VF page and want to get it for custom password validation. What all standard objects are involved?




Warm Regads,

Amol Dixit


There's no "API" for determining the session timeout or password policies. You could attempt to use "screen scraping", but this only works assuming the user has at least View Setup and Configuration on their profile. This method would be hard to implement and easy to break in a release. You're probably better off simply submitting the password to change to and let the platform tell you if the change was successful or not-- you'll get an error message if the password is unacceptable (e.g. because it was recently used, does not meet complexity, etc).

Sumit Mundhada 14Sumit Mundhada 14
You can use the tooling api for getting account settings. We are doing it on our project.
1. Decide and implement the appropriate OAuth flow for you application to get the access token.
2. A get request to <Instance_URL>/services/data/v44.0/tooling/query?q=select+id+from+SecuritySettings. This will return you settings URL.
3. Send another GET request to the settings URL with the same access token to get the required data.

You will need to send the access token in the Authorization Header (Bearer <access_token>) in both the GET requests.

Hope this helps. Let me know if you need more info.