Can You Administratively Delete Security Challenges And Answers When Lost Password Policy Enabled
Last updated on MARCH 08, 2017
Applies to:COREid Identity - Version: 10.1.4.3
Information in this document applies to any platform.
If lost Password policy is enabled, then User Manager will no longer give the option to remove security challenge question and aswers.
You have also tried to remove the security challenges by making an IDXML request similar to the one documented in the Oracle Identity Xml developers guide (example 2-9). The Identity Server rejects this with a message indicating that your challenge question attribute value is invalid on your request to delete it.
So to recap, you need to remove security challenges for a given user. That user will be associated to a password policy that has lost password policy enabled. When you try to remove them administratively through IDXML, you get the following response:
<ObTextMessage>Invalid value for parameter PFGChallengeQuestionsText</ObTextMessage>
This appears to be caused by the fact the password policy requires that a user have security challenges. is there a way to work around this besides creating new policies and moving the user to the new policy, removing the challenge phrases and then moving them back to the old policy that has Lost password policy enabled?
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms