Overview
This article explains a specific use case in which users do not receive the notifications even though the “Send notifications to affected users” option is turned on in Brute-force Protection settings for the blocked users.
The blocked user is from a database connection, and the email, username, and phone number are enabled as identifiers.
The user is blocked while logging in with an email receiving the account blocked notification; however, the users logging in with their usernames and blocked due to incorrect passwords do not receive the notification.
Applies To
- Notifications
- Blocked Accounts
Cause
The usernames were numeric, causing Auth0 to attempt sending the notification through SMS instead of E-mail.
Solution
The issue can be resolved in three alternative ways:
- The usernames should be updated to alphanumeric values
- Phone Number attribute should be deleted from the connection
- Phone Number attribute should be disabled as an Identifier.
