Hi,
When using the Brute Force Detection it seems if a user is blocked the error message returned by the Keycloak API is "invalid_grant: Invalid user credentials", which is the same error message returned if the password was wrong. I understand the idea here is to prevent an attacker from knowing the difference, but from a usability perspective it would be much nicer if we could somehow inform the user if his account is currently locked. Is there any reasonable way to do this? I'd rather not have to make an additional API call after every failed login attempt to see if the user is blocked.
Regards,
Scott
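As an added example (not Keycloak's code and not part of the post above): a toy password-grant handler with a temporary lockout that mirrors the behaviour Scott describes, so the trade-off is visible in code. With `reveal_lockout=False` a wrong password, an unknown user and a locked account all produce the same `invalid_grant` body; with `reveal_lockout=True` the locked case gets a friendlier message, and an attacker probing the endpoint can now tell a real, locked account from a bad guess or a made-up username. The lockout thresholds, the user store and the sequence of attempts are constructed for the example; `lockout_status` stands in for a server-side status lookup that only an authenticated admin can make.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# Toy lockout policy (assumed values for the example, not Keycloak defaults).
MAX_FAILURES = 3          # failures before a temporary lock kicks in
LOCKOUT_SECONDS = 60      # how long the lock lasts after the last failure

# The one response every failed login gets when nothing is revealed.
GENERIC_ERROR = {"error": "invalid_grant",
                 "error_description": "Invalid user credentials"}


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)


@dataclass
class Account:
    salt: bytes
    pw_hash: bytes
    num_failures: int = 0
    last_failure: float = 0.0     # epoch seconds of the most recent bad attempt


def make_store() -> dict:
    """Constructed sample user store: one user 'scott', password 'correct-horse'."""
    salt = os.urandom(16)
    return {"scott": Account(salt, _hash_password("correct-horse", salt))}


def lockout_status(store: dict, username: str, now: float) -> dict:
    """Server-side view (toy stand-in for an admin status lookup):
    failures so far and whether the temporary lock is currently active."""
    acct = store.get(username)
    if acct is None:
        return {"disabled": False, "numFailures": 0}
    locked = (acct.num_failures >= MAX_FAILURES
              and now - acct.last_failure < LOCKOUT_SECONDS)
    return {"disabled": locked, "numFailures": acct.num_failures}


def authenticate(store: dict, username: str, password: str, now: float,
                 reveal_lockout: bool = False):
    """Password grant. Returns (response_body, audit_reason).

    response_body is what the client sees; audit_reason is what only the
    server logs. With reveal_lockout=False the client cannot distinguish
    unknown user, wrong password and locked account.
    """
    acct = store.get(username)
    if acct is None:
        return dict(GENERIC_ERROR), "unknown_user"

    if lockout_status(store, username, now)["disabled"]:
        # While locked, even the correct password is rejected.
        if reveal_lockout:
            # Usability-friendly variant: this message is only ever sent for
            # a real account that has been hammered, so it doubles as an oracle.
            return {"error": "invalid_grant",
                    "error_description": "Account temporarily locked"}, "locked"
        return dict(GENERIC_ERROR), "locked"

    if hmac.compare_digest(_hash_password(password, acct.salt), acct.pw_hash):
        acct.num_failures = 0
        return {"access_token": "<token>", "token_type": "Bearer"}, "success"

    acct.num_failures += 1
    acct.last_failure = now
    return dict(GENERIC_ERROR), "bad_password"


def run_scenario(reveal_lockout: bool) -> list:
    """Constructed attempt sequence: three bad passwords, the correct password
    while locked, a probe of a non-existent user, then the correct password
    after the lock has expired. Returns [(audit_reason, client_saw), ...]."""
    store = make_store()
    t0 = 1_700_000_000.0
    attempts = [
        ("scott", "wrong1", t0),
        ("scott", "wrong2", t0 + 1),
        ("scott", "wrong3", t0 + 2),
        ("scott", "correct-horse", t0 + 3),                     # locked
        ("nobody", "whatever", t0 + 4),                         # unknown user
        ("scott", "correct-horse", t0 + LOCKOUT_SECONDS + 5),   # lock expired
    ]
    out = []
    for user, pw, now in attempts:
        resp, reason = authenticate(store, user, pw, now, reveal_lockout)
        out.append((reason, resp.get("error_description", "ok")))
    return out


if __name__ == "__main__":
    for mode in (False, True):
        print(f"reveal_lockout={mode}")
        for reason, seen in run_scenario(mode):
            print(f"  server logged {reason:<13} client saw: {seen}")
```

The point the toy makes is that the distinction Scott wants already exists on the server (the audit reason, and whatever `lockout_status` reports); the design choice is only whether the unauthenticated token endpoint is allowed to echo it. Keycloak keeps that information behind the admin REST API (per-user brute-force status under the realm's attack-detection resource), which is why the only route to a "your account is locked" message is a second, authenticated call after the failure, or an out-of-band channel such as an e-mail to the account owner, rather than a different error body from the token endpoint.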