List of blocked users via API

Help
,
1

Hi!

I’m having trouble for users not coping with password-less email login :wink:

Requesting a lot of codes way to fast, and then entering the wrong code, and being block by the brute-force-filter.

There seems to be no way I can get a list of these users, except pulling each user thru th /user-blocks api endpoint, and to me it doesn’t sound very efficient. Neither for me nor for Auth0, to force me the sweep thru all my users, to detect who has been blocked.

Is there any other way to get a lost of all blocked users?

The normal blocked users is listed to me via the /users API-endpoint

/Henning

3

Hi @kulturnat,

You can use the Management API’s List of search users endpoint to get a list of users. Then you can add a filter for blocked users using q=blocked:true in your request.

For example:

curl -L 'https://YOUR_DOMAIN.auth0.com/api/v2/users?q=blocked:true' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer 🔒'

Let me know if there’s anything else I can do to help.

Cheers,
Rueben

4

No that’s not what I’m looking for.

That query gets all the blocked users ( eg using the “block”-button on the dashboard ),
image
not the users that was block for brute-force (users entring the wrong password too many times ):
image

Images are screenshots of two of my test-users for testing this problem.

/Henning

5

Hi again.

I just noticed that the information is displayed in the “raw JSON” tab in the dashboard.

"blocked_for": [
    {
        "identifier": "email@example.org",
        "connection": "email",
        "ip": "aaaa:bbbb:cccc:dddd:eeee:ffff:gggg:hhhh"
    }

But I can’t use blocked_for in the query.

/Henning

6

Hi @kulturnat,

Thanks for the update and clarification.

Unfortunately, there isn’t an endpoint to get a list of users blocked by brute force protection.

I suggest referring to this knowledge solution, which addresses this:

Cheers!
Rueben