Happy Business Starts Here

Allow different password expiration terms per user type

It would be nice to have different password expiration dates for the different user types (API/Admin/Standard/etc.). Most other systems (Netsuite, SFDC as two examples) allow this. This way, we could enforce tight security for end users, but not have to reset our API user(s) every 90 days. 

1 Comment
Zuora Product Team
Status changed to: Under Consideration

Hi @chrisorme, we just rolled out OAuth for API connections in August, which would allow you to not worry about expiration dates for API clients (previously we prevented expiration of API only users as well). Does that address what you're looking for, or is there still a use case where (outside of the API users) your different users need a different password expiration timeline? And if so, what would your requirement be for those timelines, say for Admin vs. Standard users? Would addition of 2FA for certain users, like Admin, relax that requirement?