I was recently asked by a customer if the SSO account email@example.com is affected by the Password Policy which by default expires after 90 days. A quick check on the documentations gave me two conflicting answers:
This one states that it will expire after 90 days but this one says otherwise. After checking internally, it is confirmed that the SSO password policy only applies to user created accounts in the sphere.local domain. The firstname.lastname@example.org account is considered a System account so the password policy is ignored.
[Edit] The documentation team has been informed and the first link will be corrected soon.