or run

npx @tessl/cli init
Log in

Version

Tile

Overview

Evals

Files

Files

docs

attack-detection.mdauthentication-management.mdcache-management.mdclient-configuration.mdclient-management.mdclient-policies.mdclient-scopes.mdcomponents.mdgroup-management.mdidentity-providers.mdindex.mdorganization-management.mdrealm-management.mdrole-management.mdserver-info.mduser-management.mduser-storage-provider.mdutility-functions.mdwhoami.md
tile.json

attack-detection.mddocs/

0
# Attack Detection
1


2
Attack detection provides brute force protection management, allowing administrators to monitor and clear attack detection data for users who have been temporarily disabled due to failed login attempts.
3


4
## Capabilities
5


6
### Brute Force Attack Management
7


8
Manage brute force attack detection data and clear protection locks.
9


10
```typescript { .api }
11
/**
12
 * Get brute force attack detection data for a specific user
13
 * @param params - Parameters containing the user ID
14
 * @returns Attack detection data or undefined if not found
15
 */
16
findOne(params: { id: string }): Promise<Record<string, any> | undefined>;
17


18
/**
19
 * Clear brute force attack detection data for a specific user
20
 * @param params - Parameters containing the user ID
21
 * @returns void
22
 */
23
del(params: { id: string }): Promise<void>;
24


25
/**
26
 * Clear all brute force attack detection data for the realm
27
 * @returns void
28
 */
29
delAll(): Promise<void>;
30
```
31


32
## Usage Examples
33


34
```typescript
35
import KeycloakAdminClient from "@keycloak/keycloak-admin-client";
36


37
const kcAdminClient = new KeycloakAdminClient({
38
  baseUrl: 'http://localhost:8080',
39
  realmName: 'myrealm',
40
});
41


42
await kcAdminClient.auth({
43
  username: 'admin',
44
  password: 'admin',
45
  grantType: 'password',
46
  clientId: 'admin-cli',
47
});
48


49
// Get attack detection data for a user
50
const attackData = await kcAdminClient.attackDetection.findOne({
51
  id: 'user-id-here'
52
});
53


54
if (attackData) {
55
  console.log('User has attack detection data:', attackData);
56
  
57
  // Clear attack detection for this specific user
58
  await kcAdminClient.attackDetection.del({
59
    id: 'user-id-here'
60
  });
61
  
62
  console.log('Attack detection data cleared for user');
63
}
64


65
// Clear all attack detection data in the realm
66
await kcAdminClient.attackDetection.delAll();
67
console.log('All attack detection data cleared');
68
```
69


70
## Common Use Cases
71


72
**Unlocking Users**: When users are temporarily disabled due to brute force protection, administrators can use this API to clear the attack detection data and allow users to attempt login again.
73


74
**Monitoring Security**: Review attack detection data to identify patterns of failed login attempts and potential security threats.
75


76
**Bulk Cleanup**: Clear all attack detection data when needed, such as after resolving a system-wide authentication issue.