Hi,

I have question concerning your REST_API: 
GET /admin/realms/{realm}/attack-detection/brute-force/usernames/{username}
In 1.9.1..Final my setting per realm Demo looks like:

Inline image 1

I have noticed with this endpoint:

- 1.) when user is not created the answer for this REST is same like for created user with 0 numFailures:
   {
   "numFailures": 0,
   "disabled": false,
   "lastIPFailure": "n/a",
   "lastFailure": 0
   }

- 2.) when Max Login Failures is set to 3 and I put 2 times incorrect password and 3rd time correct password numFailures is not reset by Keycloak:
  {
  "numFailures": 2,
  "disabled": false,
    ....
    ....
   }

Are this 2 cases correct from your point of view?

Thanks and Best Regards,
Andrej.