Currently brute force protection is not enabled for service accounts, but
there's an outstanding issue to enable this:
https://issues.jboss.org/browse/KEYCLOAK-2003
On 8 December 2015 at 16:36, Paul Blair <pblair(a)clearme.com> wrote:
Currently, all of our clients will be logging in with service
accounts
using signed JWT as described here:
http://blog.keycloak.org/2015/10/authentication-of-clients-with-signed.html
.
Does brute-force detection accomplish anything under this scenario?
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user