Skip to main content
PATCH
https://{tenantDomain}/api/v2
/
attack-protection
/
suspicious-ip-throttling
C#
using Auth0.ManagementApi;
using System.Threading.Tasks;
using Auth0.ManagementApi.AttackProtection;

public partial class Examples
{
    public async Task Example() {
        var client = new ManagementClient(
            token: "<token>"
        );

        await client.AttackProtection.SuspiciousIpThrottling.UpdateAsync(
            new UpdateSuspiciousIpThrottlingSettingsRequestContent()
        );
    }

}
package example

import (
    context "context"

    attackprotection "github.com/auth0/go-auth0/management/management/attackprotection"
    client "github.com/auth0/go-auth0/management/management/client"
    option "github.com/auth0/go-auth0/management/management/option"
)

func do() {
    client := client.NewClient(
        option.WithToken(
            "<token>",
        ),
    )
    request := &attackprotection.UpdateSuspiciousIpThrottlingSettingsRequestContent{}
    client.AttackProtection.SuspiciousIpThrottling.Update(
        context.TODO(),
        request,
    )
}
package com.example.usage;

import com.auth0.client.mgmt.ManagementApi;
import com.auth0.client.mgmt.resources.attackprotection.suspiciousipthrottling.requests.UpdateSuspiciousIpThrottlingSettingsRequestContent;

public class Example {
    public static void main(String[] args) {
        ManagementApi client = ManagementApi
            .builder()
            .token("<token>")
            .build();

        client.attackProtection().suspiciousIpThrottling().update(
            UpdateSuspiciousIpThrottlingSettingsRequestContent
                .builder()
                .build()
        );
    }
}
<?php

namespace Example;

use Auth0\SDK\API\Management\Management;
use Auth0\SDK\API\Management\AttackProtection\SuspiciousIpThrottling\Requests\UpdateSuspiciousIpThrottlingSettingsRequestContent;

$client = new Management(
    token: '<token>',
);
$client->attackProtection->suspiciousIpThrottling->update(
    new UpdateSuspiciousIpThrottlingSettingsRequestContent([]),
);
from auth0.management import ManagementClient

client = ManagementClient(
    token="<token>",
)

client.attack_protection.suspicious_ip_throttling.update()
require "auth0"

client = Auth0::Management.new(token: "<token>")

client.attack_protection.suspicious_ip_throttling.update
import { ManagementClient } from "auth0";

async function main() {
    const client = new ManagementClient({
        token: "<token>",
    });
    await client.attackProtection.suspiciousIpThrottling.update({});
}
main();
import { ManagementClient } from "auth0";

async function main() {
    const client = new ManagementClient({
        token: "<token>",
    });
    await client.attackProtection.suspiciousIpThrottling.update({});
}
main();
curl --request PATCH \
  --url https://{tenantDomain}/api/v2/attack-protection/suspicious-ip-throttling \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "enabled": true,
  "shields": [],
  "allowlist": [
    "127.0.0.1"
  ],
  "stage": {
    "pre-login": {
      "max_attempts": 100,
      "rate": 864000
    },
    "pre-user-registration": {
      "max_attempts": 50,
      "rate": 1728000
    }
  }
}
'
{
  "enabled": true,
  "shields": [],
  "allowlist": [
    "127.0.0.1"
  ],
  "stage": {
    "pre-login": {
      "max_attempts": 100,
      "rate": 864000
    },
    "pre-user-registration": {
      "max_attempts": 50,
      "rate": 1728000
    }
  }
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

enabled
boolean

Whether or not suspicious IP throttling attack protections are active.

shields
enum<string>[]

Action to take when a suspicious IP throttling threshold is violated. Possible values: block, admin_notification.

Available options:
block,
admin_notification
allowlist
(string<ipv4> | string<cidr> | string<ipv6> | string<ipv6_cidr>)[]

List of trusted IP addresses that will not have attack protection enforced against them.

stage
object

Holds per-stage configuration options (max_attempts and rate).

Response

Suspicious IP throttling configuration successfully updated.

enabled
boolean

Whether or not suspicious IP throttling attack protections are active.

shields
enum<string>[]

Action to take when a suspicious IP throttling threshold is violated. Possible values: block, admin_notification.

Available options:
block,
admin_notification
allowlist
(string<ipv4> | string<cidr> | string<ipv6> | string<ipv6_cidr>)[]

List of trusted IP addresses that will not have attack protection enforced against them.

stage
object

Holds per-stage configuration options (max_attempts and rate).