Hi, I want to know if there’s any way to catch if a user is or has been blocked after X number of failed attempts.

I was thinking of a rule, action, or hook that could catch when the user gets blocked so we can use some logic, like sending an SMS from our system to global admins.

Something like:
User ---> Login attempt ---> action check if user will be/has been blocked ----> Some logic in action, rule or hook

I hope we can find a solution together.
Thanks.

Hi @lucas.gonzalez,

Thanks for reaching out to the Auth0 Community!

I understand that you would like to know how to know if a user is blocked by brute force protection.

To do so, I recommend using the Management API’s Get a user’s block endpoint and set the consider_brute_force to true. By doing so, you can determine if the user is blocked by brute force protection.

I hope this helps!

Please do not hesitate to reach out if you have any further questions.

Thank you.