[OPENAM-11052] Minimum password length is 8 error in AM 5.0 when updating identities using the REST API Created: 20/Apr/17  Updated: 08/Nov/19

Status: Open
Project: OpenAM
Component/s: rest
Affects Version/s: 14.0.0
Fix Version/s: None

Type: Bug Priority: Major
Reporter: Dom Reed Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: AME, Should-Fix
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Support Ticket IDs:


This error occurs when updating identities using REST, for example with a command such as:

$ curl -X PUT -H "iplanetDirectoryPro: AQIC5wM2LY4Sfcxs...EwNDU2NjE0*" -H "Content-type: application/json" -H "Accept-API-Version: protocol=1.0,resource=2.0" -d'{
    "inetUserStatus": "Active"
}' http://host1.example.com:8080/openam/json/realms/root/users/demo

where other attributes can be specified in the data section (for example mail) and also result in this error.

It can be resolved by specifying the Accept-API-Version header (for example -H "Accept-API-Version: protocol=1.0,resource=2.0") and works regardless of which resource version you specify. Alternatively, it can be resolved by setting the Default Protocol Version to OLDEST in the console even the protocol version hasn't changed yet.

So I think there are several issues here:

  1. The error message is misleading
  2. The header shouldn't be mandatory unless either of the Default Versions are set to NONE
  3. The Default Protocol Version set to LATEST (default if you do new install) should be respected.

Generated at Mon Sep 21 15:40:37 UTC 2020 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.