Passcode Expiry¶
Introduction¶
For enterprise applications, the application passcode set by a user is the most fundamental layer of security against unauthorized access. Keeping the passcode updated according to the admin-defined policy on mobile services cockpit is essential.
One such policy is passcode expiry, which defines the number of days a passcode remains valid before it expires.
SAP BTP SDK for iOS v26.4 introduces support for detecting passcode expiry. When a passcode expires, the SDK notifies the user and prompts them to change it.
This ensures the application remains securely accessible and adheres to the admin-defined policy.
Enabling Passcode Expiry Check¶
To enable this feature, set a value greater than 0 for Expiration Time Frame under Client Settings in the mobile services cockpit.
Once configured, the SDK begins checking for passcode expiry from the next application restore onward. The check is performed during the restore flow, when the latest passcode policy is retrieved from SAP Mobile Services.
A value of 0 for Expiration Time Frame means the passcode never expires. The SDK skips the expiry check.
When the Passcode Expires¶
The SAP BTP SDK for iOS checks for passcode expiry during the restore flow. When a passcode expires, the SDK displays a feedback screen that notifies the user and prompts them to change the passcode.
When you type Continue, you are guided through the change passcode flow to create a new passcode. Once the new passcode is set, expiry checks apply to it.
Note
If the passcode reuse restriction feature is also enabled, the user can reuse previous passcodes when creating a new one upon expiry. For more information, see here.
Note
Passcode expiry requires the application to be on version 25.11 or later before upgrading to version 26.4 of SAP BTP SDK for iOS.