Failed logins and lockout config
17.2.2.10. Failed login counters and account lockout configuration

The configuration of the failed login counters threshold for the REST API is configured in the authentication flows settings of the Loginapp REST API. This configuration applies to all authentication factors and all applications.

The configuration setting can be found in

Loginapp >> Authentication Flows >> Max Failed Logins

Further information and links