SAP Knowledge Base Article - Public

2636807 - "Password change" message appear on UI for an API user even when the maximum password age(days) is set to -1

Symptom

UI password is expired for the API user after certain days {set under "Maximum Password Age (in days)"} and system prompts to change the password whereas Maximum password age(days) is set to '-1' under Admin Center --> Password & Login Policy Settings -->Set API login exceptions

NOTE: Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

Environment

SuccessFactors

Reproducing the Issue

Step 1: Login to SF Instance >Admin center > Password and Login Policy Settings> Click on Set API login exceptions

Step 2: Check exception user settings

Step 3: For Set API login exception maximum password age (in days) set is -1 --> apiadmin is added in SET API login exception but password is still expiring after certain days {set under "Maximum Password Age (in days)"}

Cause

API login exceptions are only applicable for authorizing API user for making API calls and this setting does not respect access to UI

Resolution

1. The password change prompt appears for API user on SuccessFactors' UI Login screen however the API password will never expire for the API calls [Expected Behavior]

Password_Change.JPG

2. For SuccessFactors UI Login, password policy settings apply from the highlighted screenshot and it is applicable for all employees.

Login Policy Settings_2.png

3. For Eg: If the password is expired while making API calls, error message looks like "Authentication failed, password has expired(status code = 19). Please attempt a login to the SuccessFactors UI to reset, or contact your system administrator." will return in the response.

See Also

2080170 - How to stop the API Administrator password expiring - https://launchpad.support.sap.com/#/notes/2080170

Keywords

Exception user password expired, Set API login exceptions, API Exception user, API exception user password expired, Password & Login policy settings , KBA , LOD-SF-INT-API , API & Adhoc API Framework , LOD-SF-INT , Integrations , Problem

Product

SAP SuccessFactors HCM Suite all versions