Last Updated: Sep 12, 2024
Overview
This article describes how the Login Count attribute works.
Applies To
- Login Count Attribute
Solution
The Logins Count refers to the number of times the user has logged in. If a user is blocked and logs in, the blocked session is counted.
This field is updated at the following moments:
- After the user authenticates with username-password in an Auth0 database connection through Universal Login.
- After the user authenticates through /oauth/token with any credential supported by the endpoint: password, passwordless OTPs, native social, etc.
- After the user authenticates through /co/authenticate (embedded login from Single Page Applications).
- After the user authenticates in an upstream Identity Provider. In this case, they might not need to enter credentials if there was already a session with the upstream identity provider.
- Before Actions/Rules execute. This behavior has the following implications:
- When logging in as part of a signup flow login count will be set to one: logins_count = 1
- If, for whatever reason, the user is not redirected to the application after Actions/Rules execute (an error is returned, or they don’t complete MFA), the logins_count is incremented anyway.
The field is not updated in this scenario:
- If the user already had a session in Auth0 and other is no need to provide credentials (e.g., SSO, Silent Authentication).
- If the user logs in by directly calling dbconnections/signup. If they do login after signup, it will be incremented in that first login.