feat: add too_many_attempts error to passwordless

Open avamachado-okta opened this issue 1 month ago • 0 comments

Changes

Add Brute-Force Protection too_many_attempts error to passwordless error mappings to support adding Brute-Force Protection to passwordless/start endpoint

References

https://auth0team.atlassian.net/browse/EUP-23

Testing

This was tested alongside changes to enforce Brute-Force Protection on the passwordless/start endpoint. The error is not currently emitted in this location.

block user
attempt passwordless login
user will be blocked from continuing login since no Brute-Force Protection attempts remain

The current behavior without this change just shows generic error when Brute-Force Protection is enforced: Screenshot 2025-12-08 at 11 54 12 AM

[ ] This change adds unit test coverage
[ ] This change adds integration test coverage
[x] This change has been tested on the latest version of the platform/language

Checklist

[x] I have read the Auth0 general contribution guidelines
[x] I have read the Auth0 Code of Conduct
[x] All code quality tools/guidelines have been run/followed
[x] All relevant assets have been compiled

Dec 08 '25 19:12 avamachado-okta