Showing results for 
Search instead for 
Did you mean: 

Effectiveness credential policy on Cisco Jabber for local user

Level 3
Level 3


I have a strange behaviour by a customer who has a CUCM with local users only and Jabber in use.

The customer need to set a credential policy with expiration, so that users must change the password after X days.

After the password has expireed, if the user try to open the Self-Care Portal, he must insert the old and the new password, than he can login to the configuration page. But in Jabber he can still login even if the password has expired.

What could be the cause? If I test the same credential policy in my test environment, I get the error that the usernam or password are not valid, or if the Jabber client was still connect the services are no longer working.

Thanks, Mirko

2 Replies 2

Level 3
Level 3

I have tested again on the customer's CUCM: also with the default credential policy, if I change the user's password, I can restart Jabber and I don't need to type the new password. Only if I disconnect Jabber I need to enter the credential again.

The customer has OAuth enable with the standard settings:


Do someone have an idea?

Thanks, Mirko

With that Jabber will use a token to authenticate after the initial login. This will allow the client to connect as long as the token is valid. The default is 60 days I believe.

Response Signature

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: