stage/authenticator*: expand attempt throttling to email- and sms-based 2FA (#21751)

* stages/authenticator*: enable attempt throttling for email- and sms-based second authentication factor * stages/authenticator*: add throttling tests * stage/authenticator_validate: add throttling documentation * Update website/docs/add-secure-apps/flows-stages/stages/authenticator_validate/index.mdx Co-authored-by: Dominic R <dominic@sdko.org> Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com> * Update website/docs/add-secure-apps/flows-stages/stages/authenticator_validate/index.mdx Co-authored-by: Dominic R <dominic@sdko.org> Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com> * stages/authenticator_validate: update docs wording * Update website/docs/add-secure-apps/flows-stages/stages/authenticator_validate/index.mdx Co-authored-by: Dominic R <dominic@sdko.org> Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com> * Update website/docs/add-secure-apps/flows-stages/stages/authenticator_validate/index.mdx Co-authored-by: Dominic R <dominic@sdko.org> Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com> * Update website/docs/add-secure-apps/flows-stages/stages/authenticator_validate/index.mdx Co-authored-by: Dominic R <dominic@sdko.org> Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com> --------- Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com> Co-authored-by: Dominic R <dominic@sdko.org>
2026-06-17 19:09:11 +03:00 · 2026-05-07 20:12:06 +03:00
parent f1d3664c96
commit 93abd2e041
24 changed files with 782 additions and 37 deletions
@@ -35613,6 +35613,18 @@ components:
          items:
            $ref: '#/components/schemas/WebAuthnDeviceType'
          readOnly: true
+        email_otp_throttling_factor:
+          type: number
+          format: double
+        sms_otp_throttling_factor:
+          type: number
+          format: double
+        totp_otp_throttling_factor:
+          type: number
+          format: double
+        static_otp_throttling_factor:
+          type: number
+          format: double
      required:
      - component
      - flow_set
@@ -35662,6 +35674,18 @@ components:
          items:
            type: string
            format: uuid
+        email_otp_throttling_factor:
+          type: number
+          format: double
+        sms_otp_throttling_factor:
+          type: number
+          format: double
+        totp_otp_throttling_factor:
+          type: number
+          format: double
+        static_otp_throttling_factor:
+          type: number
+          format: double
      required:
      - name
    AuthenticatorValidationChallenge:
@@ -48095,6 +48119,18 @@ components:
          items:
            type: string
            format: uuid
+        email_otp_throttling_factor:
+          type: number
+          format: double
+        sms_otp_throttling_factor:
+          type: number
+          format: double
+        totp_otp_throttling_factor:
+          type: number
+          format: double
+        static_otp_throttling_factor:
+          type: number
+          format: double
    PatchedAuthenticatorWebAuthnStageRequest:
      type: object
      description: AuthenticatorWebAuthnStage Serializer