Howdy Folks,
I've just started my research and thought I'd ask here first:
I have an Admin user that is used to Authenticate/Authorize API calls. This user exists in several environments, each with a different password. During some testing, I discovered the Admin user had been locked out because the tester was using an invalid password; because the API calls are automated it wasn't readily apparent what had happened.
Is there a way for me to exclude the Admin user from the Brute Force Protection, from either ignoring their failed_login_count or not having their failed_login_count increased; Or even by some other means?
Thanks, in advance, for any assistance I may receive.
Cheers,
Mel