Is there any way to execute code in a rule or hook or anything when a login attempt fails? I know it gets logged and that can be accessed via management api but it would be very helpful to handle the event when it occurs rather than periodically checking for the events.
Updated with use case:
In the simplest case, I want to send an alert email when a user fails to login both as a means of proactive help desk and also addressing potential security concerns immediately. But, the flexibility for executable code to run rather than an email template would be ideal.
1 Like
To my knowledge there’s no extensibility point that would allow to immediately run custom code upon a failed login attempt. As you mentioned, you can poll for the events in question directly or use one of the webhooks extension and then react to them accordingly, but both options imply polling.
In addition, if the reason for the authentication failure is already rule-based, that is, your own rule is preventing the authentication to be completed due to a certain condition then for that subset of failed operations you can already run additional code immediately as it’s your code the source of the failure.
Finally, if you can share (update the question or leave a comment) the exact use case for which you would be using such a feature then it will helps us both in considering possible alternatives and also have a better idea on how could something that would accomplish your goals be integrated into the product.