Bot Detection not Generating PLA Logs for Certain Failed Logins

Problem statement

The log type “pla” is the log that is generated when the Enable tenant logs for Risk Assessment setting for Bot Detection is enabled:

There appear to be some logs for failed logins that do not have this Risk Assessment log associated with them. These error logs may have a description like “missing client parameter” or “Missing required parameter: response_type”.


Bot detection is not triggered on login attempts that fail a schema validation (e.g., the /authorize request is made without a required parameter like response_mode or client_id). The login page is not rendered, so no CAPTCHA would be needed, and a PLA log is not generated.