User with no password expiry (or) password policy specific to user

We are using Keycloak as our Identity Management System. We see that the “Password policies” are set at the Realm level and not at the user level.

We have a customer requirement wherein the password policy has to be applied on the user level. We understand that this can open up security concerns, but still want to check if there is any workaround for this use case.


I don’t think you can do that as is.

Worst case you could set a property for each user which contains a regex or enum type if you have only a fixed number of possibilities.
And then you could create a custom provider that handles the logic for these things.
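
A sketch of the custom-provider approach suggested in the reply above, as an added example (not code from the thread or from the Keycloak project). It uses Keycloak's password policy SPI and reads a fixed tier name from a user attribute rather than a regex, so a stored value can never be an expensive or permissive pattern. The package name, the `passwordPolicyTier` attribute, the tier names and the lengths are all assumptions.

```java
package example.policy; // hypothetical package

import java.util.Locale;
import org.keycloak.Config;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.policy.PasswordPolicyProvider;
import org.keycloak.policy.PasswordPolicyProviderFactory;
import org.keycloak.policy.PolicyError;

/** Picks a minimum password length from a per-user attribute holding a fixed tier name. */
public class PerUserTierPolicy implements PasswordPolicyProvider, PasswordPolicyProviderFactory {
    // Hypothetical attribute name; it must be writable by admins only, never by the user.
    static final String ATTR = "passwordPolicyTier";

    enum Tier { // constructed tiers and lengths
        STANDARD(12), PRIVILEGED(16), SERVICE(24);
        final int minLength;
        Tier(int minLength) { this.minLength = minLength; }
    }

    // Missing or unrecognised values fall back to the strictest tier (fail closed).
    static Tier tierOf(String raw) {
        if (raw == null) return Tier.SERVICE;
        try { return Tier.valueOf(raw.trim().toUpperCase(Locale.ROOT)); }
        catch (IllegalArgumentException e) { return Tier.SERVICE; }
    }

    @Override public PolicyError validate(RealmModel realm, UserModel user, String password) {
        Tier tier = tierOf(user == null ? null : user.getFirstAttribute(ATTR));
        return password != null && password.length() >= tier.minLength ? null
                : new PolicyError("invalidPasswordMinLengthMessage", tier.minLength);
    }
    // No UserModel is available on this path, so the strictest tier applies.
    @Override public PolicyError validate(String username, String password) {
        return validate(null, null, password);
    }
    @Override public Object parseConfig(String value) { return value; }

    // Factory half: a single stateless instance serves as both factory and provider.
    @Override public String getId() { return "per-user-tier"; }
    @Override public String getDisplayName() { return "Per-user policy tier"; }
    @Override public String getConfigType() { return null; }
    @Override public String getDefaultConfigValue() { return null; }
    @Override public boolean isMultiplSupported() { return false; }
    @Override public PasswordPolicyProvider create(KeycloakSession session) { return this; }
    @Override public void init(Config.Scope config) {}
    @Override public void postInit(KeycloakSessionFactory factory) {}
    @Override public void close() {}
}
```

The factory is registered by listing the class in `META-INF/services/org.keycloak.policy.PasswordPolicyProviderFactory` and then adding the policy to the realm's password policy. It covers password validation only, not per-user expiry.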