Get a list of users blocked by bruteforce

peter.goffin · October 22, 2019, 10:51am

Are there any plans to allow a list of user who have been blocked by bruteforce to be searched for/retrieved using the management API?

I have a user management page for administrators within my application which shows a summary of user details including block status (obtained using the GET /api/v2/users).

However this doesn’t seem to include details of users blocked by bruteforce. I know I can check a users block status individually but I would prefer not to do this because it will cause rate limiting issues.

It would be useful for an administrator to see at a glance if any accounts are potentially being attacked. I guess an alternative would be to setup a service to watch the Auth0 logs and send an alert to an administrator instead.

Apologies if I have missed something obvious.

Cheers,
Peter

lucas.sonich · December 6, 2019, 5:07pm

Hello, Peter!

Unfortunately, this feature is not yet available in Auth0.

We recommend that you reach out to our Product team directly by going to Auth0: Secure access for everyone. But not just anyone. so they can take this in consideration for future improvements.

Thank you!

du.chen · January 15, 2021, 6:56pm

Hi Sonich,

Any update / news about this feature?

Thanks,

rueben.tiow · September 15, 2023, 8:38pm

Hi all,

Please check out our Get a List of Brute Force Blocked Users FAQ on this!

Thanks,
Rueben

system · September 29, 2023, 8:38pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.