Hi guys,
is there any way to configure different password policies for different kind of users in
one realm?
We´re dealing with the following use case: Two different types of users: one represents
human users, who are able to login via a login page. The second represents other
applications which do a system to system communication without login via a login page .
For human users we want to specify the policy that they have to change their password at
least all 90 days. User which were used for other applications (machine to machine
communication) were not able to change their password. So we want to define this policy is
only for human users.
I can´t find a possibility to distinguish between user types, so our idea was to use two
separated realms. I can add user from type A to Realm 1 and user from type B to Realm 2
and with that, I´m able to configure different password policies for both groups. But at
the end if both user types have access to the same client, I have to configure the same
client with all its roles in both realms identically to add roles of this client to users
within this realm.
What would be your recommendation to fulfil the requirement described in the use case?
Thanks for your help,
Sebastian