Hi, I want to know if there’s any way to catch if a user is or has been blocked after X number of failed attempts.
I was thinking of a rule, action, or hook that could catch when the user gets blocked so we can use some logic, like sending an SMS from our system to global admins.
Something like: User ---> Login attempt ---> action check if user will be/has been blocked ----> Some logic in action, rule or hook
I understand that you would like to know how to know if a user is blocked by brute force protection.
To do so, I recommend using the Management API’s Get a user’s block endpoint and set the consider_brute_force to true. By doing so, you can determine if the user is blocked by brute force protection.
I hope this helps!
Please do not hesitate to reach out if you have any further questions.
I’m looking to show in a User Grid the status of users, which needs to consider if they are blocked. I have noticed that if the user is blocked due to brute force protection, the search user endpoint doesn’t return any properties indicating that the user is blocked. I would have expected that the blocked attribute would show as true. Is there a way to achieve this without making a request to the user block endpoint for every user on the page?
Unfortunately, there isn’t an endpoint that can query for a list of brute-force blocked users.
I understand the current solution of using the Get a user’s block endpoint would not be scalable.
For now, my best recommendation is to use the Logs to find the users who are blocked from brute force. In the logs, search for the limit_wclog event type code.