Retrieve a list of Blocked Users not working

Hello Community! I’m working on a script for the login page, where I will automatically unblock a user if the user gets blocked due to Brute Force Attack after 15 mins of being blocked (since there is no way to configure that in the website) only being able to be unblocked twice.

The problem is getting the user list by doing q:blocked=true, but not able to retrieve anything even when there is a dummy user that is blocked by brute force

this is the request I am doing in python

def get_blocked_users():
    headers = {
        'Authorization': f'Bearer {get_management_token()}',
        'Accept': 'application/json'
    }
    url = f'https://{AUTH0_DOMAIN}/api/v2/users'
    params = {'q': 'blocked=true'}
    resp = requests.get(url, headers=headers, params=params)
    resp.raise_for_status()
    print(resp.json()) # check for response here
    return resp.json()

Will it only get the users that are blocked by the admin or other means and will not show the ones who are blocked by brute-force?

I have managed to make a workaround for this problem which is to base the blocked users using logs type:“limit_wc”, but it is not nearly as efficient as the one I am asking.

Hi @vincent5

Welcome to the Auth0 Community!

Thank you for posting your question. The behaviour is observed that you don’t see users who were blocked by the Brute Force Protection is expected behaviour. You can read more about that here → Query Users Blocked by Brute Force Protection Using the Management API

Thanks!
Dawid