Getting and Updating the Suspicious IP Throttling Configuration
Learn how to retrieve and update the suspicious IP throttling configuration by using the Auth0 API.
In this lesson, we'll see how to get and update the suspicious IP throttling configuration using an API call. We'll use the https://{{DOMAIN}}/api/v2/attack-protection/suspicious-ip-throttling endpoint for both tasks. Getting the suspicious IP throttling configuration is a GET request, while updating it is a PATCH request.
Getting the suspicious IP throttling configuration
In Auth0, we can retrieve the suspicious IP throttling configuration details by sending a GET HTTPS request to the suspicious-ip-throttling endpoint.
Request parameters
There are no request parameters required for this particular endpoint.
Click the “Run” button to retrieve the suspicious IP throttling configuration.
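    // Importing libraries here
    const fetch = require('node-fetch');

    const endpointUrl = new URL('https://{{DOMAIN}}/api/v2/attack-protection/suspicious-ip-throttling');

    const headerParameters = {
      'Content-Type': 'application/json',
      'Authorization': 'Bearer {{ACCESS_TOKEN}}',
    }

    const options = {
      method: 'GET',
      headers: headerParameters,
    };

    async function getSuspiciousIPThrottling() {
      try {
        const response = await fetch(endpointUrl, options);
        printResponse(response);
      } catch (error) {
        printError(error);
      }
    }

    getSuspiciousIPThrottling();

    // printResponse and printError are not defined on this page; these minimal
    // versions let the script run on its own.
    async function printResponse(response) {
      console.log(response.status, await response.text());
    }

    function printError(error) {
      console.error(error);
    }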
Let's look at the highlighted lines from the code shown above:
Line 4: We define the endpoint URL to retrieve the suspicious IP throttling configuration.
Line 18: We make a GET request using the fetch function.
Line 25: We invoke the getSuspiciousIPThrottling function.
Response fields
The successful execution of the above code will retrieve the suspicious IP throttling configuration and return its details. Some important response fields are as follows:
Name | Description |
| Contains the details of whether suspicious IP throttling configuration should be enabled or not. |
| Contains details about the customization of protection against the suspicious IP throttling configuration violations. |
| Defines the list of allowed IP addresses. |
| Defines the stage configurations. |
| Defines the rate configuration, that is, the interval after which a new attempt will be issued. |
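An added example, not part of the original lesson: once the configuration has been retrieved, it can be checked for weak settings before anything is changed. The field name allowlist and the shield value block are taken from Auth0's Management API rather than from this page; the sample response and the thresholds are constructed for illustration.

```javascript
// Added example: audit a suspicious-ip-throttling configuration object.
// Thresholds in `limits` are illustrative assumptions, not Auth0 defaults.
function auditThrottlingConfig(config, limits = { maxAttempts: 50, minPrefix: 24 }) {
  const findings = [];
  if (config.enabled !== true) {
    findings.push('enabled: throttling is switched off');
  }
  const shields = Array.isArray(config.shields) ? config.shields : [];
  if (!shields.includes('block')) {
    findings.push('shields: no "block" shield, so violations are at most reported');
  }
  for (const entry of config.allowlist || []) {
    const [addr, prefix] = String(entry).split('/');
    // Only IPv4 CIDR widths are judged here; a bare address counts as a /32.
    if (addr.includes('.') && prefix !== undefined && Number(prefix) < limits.minPrefix) {
      findings.push(`allowlist: ${entry} exempts a range wider than /${limits.minPrefix}`);
    }
  }
  for (const [stageName, stage] of Object.entries(config.stage || {})) {
    if (stage.max_attempts > limits.maxAttempts) {
      findings.push(
        `stage.${stageName}: max_attempts ${stage.max_attempts} exceeds ${limits.maxAttempts}`);
    }
  }
  return findings;
}

// Constructed sample of a GET response body.
const sampleConfig = {
  enabled: true,
  shields: ['admin_notification'],
  allowlist: ['203.0.113.7', '10.0.0.0/8'],
  stage: { 'pre-login': { max_attempts: 100, rate: 864000 } },
};

console.log(auditThrottlingConfig(sampleConfig));
```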
Updating the suspicious IP throttling configuration
The update suspicious-ip-throttling configuration endpoint in Auth0 allows us to configure the rate limiting and block behavior for suspicious IP addresses. This endpoint can limit the number of login attempts from a single IP address and determine how long an IP address should be blocked if it exceeds the allowed number of attempts. In this section, we’ll update the configuration settings using the update suspicious-ip-throttling configuration endpoint.
Request parameters
To invoke this endpoint, we will use a PATCH request. We have a list of parameters that can be passed as body parameters. Let's have a look at some important ones in the table below:
Parameter Name | Type | Category | Description |
| Boolean | Optional | Defines whether the suspicious IP throttling configuration should be enabled or not. |
| Array | Optional | Defines the customization of protection against suspicious IP throttling configuration violations. |
| Array | Optional | Exempts IP addresses that will not be subjected to attack defense. |
| Integer | Optional | Defines the interval time between new attempts. |
| Integer | Optional | Defines the limits for the maximum number of unsuccessful attempts. |
Next, let's update the suspicious IP throttling configuration. Click the “Run” button to update the configurations.
    // Importing libraries here
    const fetch = require('node-fetch');

    const endpointUrl = new URL('https://{{DOMAIN}}/api/v2/attack-protection/suspicious-ip-throttling');

    const headerParameters = {
      'Content-Type': 'application/json',
      'Authorization': 'Bearer {{ACCESS_TOKEN}}',
    }

    const bodyParameters = JSON.stringify({
      "enabled": true,
      "shields": [
        "admin_notification",
      ],
      "stage": {
        "pre-login": {
          "max_attempts": 5,
        }
      }
    });

    const options = {
      method: 'PATCH',
      headers: headerParameters,
      body: bodyParameters,
    };

    async function updateSuspiciousIPThrottling() {
      try {
        const response = await fetch(endpointUrl, options);
        printResponse(response);
      } catch (error) {
        printError(error);
      }
    }

    updateSuspiciousIPThrottling();

    // printResponse and printError are not defined on this page; these minimal
    // versions let the script run on its own.
    async function printResponse(response) {
      console.log(response.status, await response.text());
    }

    function printError(error) {
      console.error(error);
    }
Let's look at the highlighted lines from the code shown above:
Line 4: We define the endpoint URL for the API call.
Lines 11–19: We define the bodyParameters object.
Line 12: We define the enabled parameter and set its value to true, which will enable the suspicious IP throttling configuration.
Lines 13–15: We define the shields parameter and set its value to admin_notification.
Lines 16–21: We define the stage parameter in which we set the value of max_attempts to 5.
Line 29: We make a PATCH request using the fetch function.
Line 38: We invoke the updateSuspiciousIPThrottling function.
Response fields
The successful execution of the above code enables the suspicious IP throttling configuration and returns its details. Some important response fields are as follows:
Name | Description |
| Contains the details of whether suspicious IP throttling configuration is enabled or not. |
| Contains details about the customization of protection against the suspicious IP throttling configuration violations. |
| Defines the list of allowed IP addresses. |
| Defines the stage configuration. |
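An added example, not part of the original lesson: because the PATCH response returns the resulting configuration, it can be compared with what was requested so that a field the tenant did not apply is noticed. The helper names, the injected fetchImpl parameter and the stub tenant are hypothetical and constructed for illustration; the stub deliberately drops shields to show an unapplied field.

```javascript
// Added example: send only what differs, then confirm the response carries it.
// Returns dotted paths in `desired` whose values `actual` does not carry.
function unmetPaths(desired, actual, prefix = '') {
  const paths = [];
  for (const [key, want] of Object.entries(desired)) {
    const have = actual == null ? undefined : actual[key];
    const path = prefix ? `${prefix}.${key}` : key;
    if (want !== null && typeof want === 'object' && !Array.isArray(want)) {
      paths.push(...unmetPaths(want, have, path));
    } else if (JSON.stringify(have) !== JSON.stringify(want)) {
      paths.push(path); // scalars and arrays must match exactly
    }
  }
  return paths;
}

// fetchImpl is injected: node-fetch against a tenant, a stub when testing.
async function updateAndVerify(fetchImpl, url, token, desired) {
  const headers = { 'Content-Type': 'application/json', Authorization: `Bearer ${token}` };
  const call = async (method, body) => {
    const res = await fetchImpl(url, { method, headers, body: body && JSON.stringify(body) });
    if (!res.ok) throw new Error(`${method} ${url} returned HTTP ${res.status}`);
    return res.json();
  };
  const before = await call('GET');
  const keys = Object.keys(desired).filter(
    (k) => unmetPaths({ [k]: desired[k] }, before).length > 0);
  if (keys.length === 0) return { sent: null, unmet: [] }; // nothing to change
  const sent = Object.fromEntries(keys.map((k) => [k, desired[k]]));
  const after = await call('PATCH', sent);
  return { sent, unmet: unmetPaths(desired, after) };
}

// Constructed stand-in for a tenant: keeps a config object and ignores
// `shields` on PATCH, so the read-back check has something to catch.
function stubTenant(config) {
  return async (_url, { method, body }) => {
    if (method === 'PATCH') {
      const { shields, ...accepted } = JSON.parse(body);
      Object.assign(config, accepted);
    }
    return { ok: true, status: 200, json: async () => config };
  };
}

const demoUrl = 'https://{{DOMAIN}}/api/v2/attack-protection/suspicious-ip-throttling';
const demoDesired = { enabled: true, shields: ['admin_notification'] };
updateAndVerify(stubTenant({ enabled: false }), demoUrl, '{{ACCESS_TOKEN}}', demoDesired)
  .then((result) => console.log(result.unmet));
```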