Attack Protection

The Attack Protection API provides operations to configure the User Lockout Settings and the Authenticator Settings in your org to protect against password abuse.

Retrieve the User Lockout Settings
OAuth 2.0: okta.orgs.read

Retrieves the User Lockout Settings for an org

Responses
200

OK

403

Forbidden

429

Too Many Requests

get/attack-protection/api/v1/user-lockout-settings
Request samples
Response samples
application/json
[
  • {
    • "preventBruteForceLockoutFromUnknownDevices": false
    }
]

Replace the User Lockout Settings
OAuth 2.0: okta.orgs.manage

Replaces the User Lockout Settings for an org

Request
Request Body schema: application/json
required
preventBruteForceLockoutFromUnknownDevices
boolean
Default: false

Prevents brute-force lockout from unknown devices for the password authenticator.

Responses
200

OK

400

Bad Request

403

Forbidden

429

Too Many Requests

put/attack-protection/api/v1/user-lockout-settings
Request samples
application/json
{
  • "preventBruteForceLockoutFromUnknownDevices": false
}
Response samples
application/json
{
  • "preventBruteForceLockoutFromUnknownDevices": false
}