Hello,
We’re doing some testing on throttling and attack prevention, and we found that the signups that are going through ManagementClient.createUser
on 2.x NodeJS SDK are not being throttled.
We were trying to find any information on the throttling of Management API (which I assume is being called behind the scenes from ManagementClient.createUser
function), but did not find definitive answer either.
Our settings:
Sign up Threshold - Maximum Attempts: 1
Sign up Threshold - Throttling Rate: 1
I assume that these settings will allow only one attempt per day to sign up, and all the others will be blocked.