Content
To comply with the security requirements of “JC-STAR,” it is necessary to implement a functionality that can introduce a delay when issuing authentication responses.
Currently, the settings in Auth0 are as follows:
- Suspicious IP Throttling: Enabled
- Suspicious IP Thresholds: Default
Under these conditions, there is no functionality in Auth0 to introduce delays in authentication responses. Therefore, I would like to request the addition of the following features:
- The ability to configure a delay time when issuing authentication responses.
- The ability to control delay time dynamically, especially after failed authentication attempts.
(For example, allowing a delay time such as XXms to be specified.)
The addition of these features would greatly help in meeting the requirements of JC-STAR compliance. I would greatly appreciate it if you could consider implementing these improvements.
Additional Information
Through previous communication, I have confirmed that no such functionality currently exists in Auth0.
The goal is to achieve stricter control over IP throttling and to meet specific security requirements.