[keycloak-user] Brute Force Detection

Francky Vens francky.vens at tpv-tech.com
Thu May 3 10:01:05 EDT 2018


Hi,

I have a question about how to visualize the brute force detection.  Currently we are using the REST API command "get admin/realms/{realm}/attack-detection/brute-force/users/{userId}"
In this command,  {realm} and {userId} are mandatory attributes.
Hence, you need to know the userId upfront before you can check if that user account is under attack or not.
Is my interpretation correct?
I find this strange.  I would expect to get back a list of users who are under attack instead of having to check one by one.
Or am I missing something?

Current keycloak version: 3.4.3

Kind Regards,
Francky


More information about the keycloak-user mailing list