Refresh Flow unlocks user whom has been locked out due to Maximum invalid login attempts
Last updated 2022-02-10 ·Reference W-4571079 ·Reported By 1 users
When a user has been locked out for certain time period and in between if initiates a refresh flow then the user will be unlocked.
User should only be unlocked after set period of time or when admin unlocks them.
1) Create a test user
2) Implement the Web Server flow to get a refresh token .
3) Make a note of the refresh token from the above request.
4) Lockout test user by entering incorrect password via UI (user will be locked as per Profile Setting :Maximum invalid login attempts)
5) Invoke the Refresh Token Flow using the Refresh Token noted in step 3.
6. Now check the Test User it will be unlocked.
Reported By (1)
Is it Fixed?
Any unreleased services, features, statuses, or dates referenced in this or other public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make their purchase decisions based upon features that are currently available.