IP Blacklisting for M2M calls
At present it is possible to implement a whitelist for M2M calls to the Auth0 API. However, it does not appear possible to implement a blacklist for the IPs where calls for M2M access tokens to the Auth0 API are coming from. The problem with this is potentially unauthorized access and usage of M2M token quota, which could then have knock-on effects.
From research, Auth0 does have IP throttling, Bot Detection and Brute Force Detection built in (Security / Attack Protection in the Dashboard), but these seem geared towards end-user login flows, not M2M tokens. I see that there are some controls in place at the token level, but this relates to stopping calls from IPs before the token is issued.
It would be useful to have
- IP throttling, Bot Detection and Brute Force Detection type controls for M2M token calls, and a way to add some custom control (e.g. x calls per minute from an IP for a token, blacklist it, place on the blacklist with the reason why). Such a custom control would allow the customer to determine a pattern that looked suspicious based on how they know their system is configured.
- A way to manually add/remove IP addresses if needed to a Blacklist for this purpose
I have looked and have not been able to see this specifically raised before. Feedback would be welcome; hope the above is clear.
Regards,
James
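The custom control the post asks for (x client_credentials token requests per minute from one IP, then blacklist that IP with a recorded reason, plus manual add/remove) is straightforward to express as a sliding-window counter over token-endpoint request events. The block below is an added illustration of that logic and is not Auth0 code or an Auth0 feature; it assumes you can see the source IP and grant type of each token request (for example at a proxy in front of the token endpoint, or from exported logs) and the event format, IPs and client IDs are constructed for the example.

```python
"""Per-IP rate limit and blocklist for M2M (client_credentials) token requests.

Added example, not Auth0 code. Event shape, IPs and client IDs are constructed.
"""
from collections import defaultdict, deque
from dataclasses import dataclass
from typing import Deque, Dict, List, Optional, Tuple


@dataclass
class BlockEntry:
    ip: str
    reason: str      # human-readable reason stored with the entry
    source: str      # "auto" (rate limit tripped) or "manual"
    first_seen: float
    last_seen: float


@dataclass
class Decision:
    allowed: bool
    reason: Optional[str]


class TokenRequestGuard:
    """Counts client_credentials requests per source IP in a sliding window."""

    def __init__(self, max_per_window: int, window_seconds: float) -> None:
        self.max_per_window = max_per_window
        self.window_seconds = window_seconds
        self.windows: Dict[str, Deque[float]] = defaultdict(deque)
        self.blocklist: Dict[str, BlockEntry] = {}

    # Manual add/remove, as requested in the post.
    def block(self, ip: str, reason: str, ts: float) -> None:
        self.blocklist[ip] = BlockEntry(ip, reason, "manual", ts, ts)

    def unblock(self, ip: str) -> None:
        self.blocklist.pop(ip, None)
        self.windows.pop(ip, None)

    def check(self, ip: str, ts: float, grant_type: str) -> Decision:
        # Only M2M (client_credentials) requests are counted; user login
        # flows are covered by the existing attack-protection features.
        if grant_type != "client_credentials":
            return Decision(True, "not a client_credentials request; not counted")

        entry = self.blocklist.get(ip)
        if entry is not None:
            entry.last_seen = ts
            return Decision(False, entry.reason)

        window = self.windows[ip]
        window.append(ts)
        # Drop timestamps that have aged out of the window.
        while window and ts - window[0] >= self.window_seconds:
            window.popleft()

        if len(window) > self.max_per_window:
            reason = (f"{len(window)} client_credentials token requests within "
                      f"{self.window_seconds:g}s from {ip} (limit {self.max_per_window})")
            self.blocklist[ip] = BlockEntry(ip, reason, "auto", window[0], ts)
            return Decision(False, reason)
        return Decision(True, None)


# Constructed token-endpoint events (not real Auth0 log output).
SAMPLE_EVENTS: List[dict] = (
    [{"ts": 100 + 10 * i, "ip": "10.0.0.5", "client_id": "svc-billing",
      "grant_type": "client_credentials"} for i in range(3)]            # normal cadence
    + [{"ts": 100 + i, "ip": "203.0.113.7", "client_id": "svc-billing",
        "grant_type": "client_credentials"} for i in range(7)]          # burst: 7 in 6 s
    + [{"ts": 105, "ip": "198.51.100.9", "client_id": "svc-reports",
        "grant_type": "client_credentials"}]                            # manually blocked IP
    + [{"ts": 106, "ip": "10.0.0.5", "client_id": "web-app",
        "grant_type": "authorization_code"}]                            # user flow, ignored
)


def run_sample() -> Tuple[TokenRequestGuard, List[Decision]]:
    """Apply a limit of 5 client_credentials requests per 60 s per IP."""
    guard = TokenRequestGuard(max_per_window=5, window_seconds=60)
    guard.block("198.51.100.9", "added manually by ops: unknown source network", ts=0)
    decisions = [guard.check(e["ip"], e["ts"], e["grant_type"]) for e in SAMPLE_EVENTS]
    return guard, decisions


if __name__ == "__main__":
    guard, decisions = run_sample()
    for event, d in zip(SAMPLE_EVENTS, decisions):
        print(f"{event['ts']:>4} {event['ip']:<14} allowed={d.allowed} {d.reason or ''}")
    for entry in guard.blocklist.values():
        print(f"BLOCKED {entry.ip} [{entry.source}] {entry.reason}")
```

With the sample input the first five burst requests from 203.0.113.7 pass, the sixth trips the limit and writes an "auto" blocklist entry with the reason text, and the seventh is refused because the IP is already listed. The manually added IP is refused with the operator's reason, and the authorization_code request is neither counted nor blocked. A real deployment would persist the blocklist, emit the reason to logging/alerting, and decide whether an auto entry expires or needs a manual `unblock`.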