--- title: Platform Password node description: The Platform Password node prompts the user to enter their password and stores it in a configurable property of the shared node state. component: auth-node-ref version: latest page_id: auth-node-ref::platform-password canonical_url: https://docs.pingidentity.com/auth-node-ref/latest/platform-password.html keywords: ["Nodes & Trees", "Journeys", "Authentication", "Passwprd"] page_aliases: ["auth-node-platform-password.adoc"] superseded_by: https://docs.pingidentity.com/auth-node-ref/latest/platform-password.html section_ids: example: Example availability: Availability inputs: Inputs dependencies: Dependencies configuration: Configuration outputs: Outputs callbacks: Callbacks outcomes: Outcomes errors: Errors --- # Platform Password node The Platform Password node prompts the user to enter their password and stores it in a configurable property of the shared node state. ## Example The following journey uses a [Page node](page.html) containing the [Platform Username node](platform-username.html) and [Platform Password node](platform-password.html) to collect the username and password and set their values in the shared node state: ![Username and password authentication](_images/platform-username-password.png) a The [Page node](page.html) presents a page with input fields to prompt for the username and password. * The [Platform Username node](platform-username.html) collects and injects the `userName` into the shared node state. * The [Platform Password node](platform-password.html) collects and injects the `password` into the shared node state. b The [Data Store Decision node](data-store-decision.html) locates the user in the backend identity store and determines if the credentials are correct: * If the credentials are correct, the journey progresses to the [Increment Login Count node](increment-login-count.html). * If the credentials aren't correct, the journey progresses to the [Retry Limit Decision node](retry-limit-decision.html). c The [Increment Login Count node](increment-login-count.html) updates the login count on successful authentication. d The [Retry Limit Decision node](retry-limit-decision.html) determines how many times the user has attempted these credentials: * If the number of attempts doesn't exceed the maximum, the user is redirected to the [Platform Username node](platform-username.html) to attempt their credentials again. * If the number of attempts exceeds the maximum, the journey follows the failure outcome. e The [Inner Tree Evaluator node](inner-tree-evaluator.html) invokes a nested journey for progressive profiling. ## Availability | Product | Available? | | ------------------------------------- | ---------- | | PingOne Advanced Identity Cloud | Yes | | PingAM (self-managed) | Yes 1 | | Ping Identity Platform (self-managed) | Yes | 1 This functionality requires that you configure AM as part of a [Ping Identity Platform deployment](https://docs.pingidentity.com/platform/8.1/sample-setup/). ## Inputs This node uses the `_id` of the object for policy evaluation. For existing users, the user's `_id` must be in the shared state to evaluate user-specific policies, such as password history, `cannot-contain-others`, and so on. No `_id` is available for new users. Implement the [Identify Existing User node](identify-existing-user.html) earlier in the journey. ## Dependencies This node has no dependencies. ## Configuration | Property | Usage | | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Validate Password | When enabled, this node uses password policies to validate the user's input. It returns any policy failures as errors.For example, if you submitted an invalid password on registration, the response from this node would include a list of failed policies:```json { "name": "failedPolicies", "value": [ "{ \"params\": { \"minLength\": 8 }, \"policyRequirement\": \"MIN_LENGTH\" }", "{ \"params\": { \"numCaps\": 1 }, \"policyRequirement\": \"AT_LEAST_X_CAPITAL_LETTERS\" }", "{ \"params\": { \"numNums\": 1 }, \"policyRequirement\": \"AT_LEAST_X_NUMBERS\" }" ] } ```Default: Not enabled | | Password Attribute | The attribute used to store a password in the managed identity object.Default: `password` | | Confirm Password | Enable this option to require the user to enter the password identically in a second field. This property only displays when the node is placed within a Page node.Default: Not enabled | | Checkmark Policy Display | Enable this option to show a checkmark instead of faded bullet points on successful password validation. This property only displays when the node is placed within a Page node.Default: Not enabled | ## Outputs On success, this node updates the Password Attribute property in the shared node state with the password. The captured password is transient, persisting only until the authentication flow reaches the next node requiring user interaction. It may be persisted to the secure state if required later in the journey. ## Callbacks The node sends the following callbacks: * `PasswordCallback` Prompts the user to enter their password. * `ValidatedPasswordCallback` Includes a list of failed policies if the Validate Password option is enabled and the password entered is invalid. Learn more in [Supported callbacks](https://docs.pingidentity.com/pingoneaic/am-authentication/callbacks-supported.html). ## Outcomes Single outcome path. ## Errors This node doesn't log any error or warning messages of its own.