# Get strictest password configuration

Retrieve the user's strictest password configuration.

This is useful when a user belongs to multiple accounts (tenants) with varying password complexity requirements. The route returns the strictest setting the user is subject to.

Endpoint: GET /resources/users/v1/passwords/config
Security: bearer

## Query parameters:

  - `userId` (string)

## Response 200 fields (application/json):

  - `allowPassphrases` (boolean)

  - `maxLength` (number)

  - `minLength` (number)

  - `minPhraseLength` (number)

  - `minOptionalTestsToPass` (number)

  - `blockPwnedPasswords` (boolean, required)

  - `optionalTests` (object)

  - `requiredTests` (object)