Configure Brute Force Protection
-
Go to Tenant Settings > Brute Force Protection. You can see a list of Identity Management-related actions.
-
Set the limits for consecutive unsuccessful requests for particular actions under Max Attempts. After exceeding the limit, the requestor is blocked for the time set in Block Duration.
Disabling Brute Force Protection
It is possible to disable Brute Force Protection either by toggling the option in the UI or by sending a request with
max_attempts
set to 0. Please do so at your own risk.