Skip to main content

Rate Limits

Configure thresholds and timeframes to protect against brute-force attempts.

IP-based blocking

IP Attempts Limit: Maximum number of failed login attempts allowed from a single IP address before a block occurs.
IP Reset Time: The time after which the IP's failed-attempt counter resets.
Initial Block Duration: The initial duration applied when an IP is blocked.

User account-based blocking

User Attempts Limit: Maximum number of failed login attempts for a single user account before a block occurs.
User Timeframe: The time window used to count failed attempts per user.
Max Block Time: Maximum duration for which a user account can remain blocked after repeated failures.

Tenant Configuration Rate Limits

IP-based blocking
User account-based blocking