Feature: Correlate user_id for attack protection logs
Description: When a user gets blocked because of brute-force protection, an event is fired in the tenant logs (type limit_wc
). The user_id however, is empty. We need to be able to correlate these logs to a specific user. Username is not applicable, since this can change over time.
Use-case: We want our support team to be able to see if and when the user was blocked in another application. We don’t want to have to call the management-api every time the user detail screen is viewed.