The Loginapp REST API may provide REST clients with the user's last login information while in the authentication flow.
A typical use case is to display the date and time of the last login attempt during login. This may be while checking a 2nd authentication factor or in any other step in the authentication process after identifying the user.
If this feature is enabled, the latest login information is provided in all REST responses after successfully identifying the user. If an authentication flow starts with a user identifying step without verification of an authentication factor (e.g. password, remember-me cookie, SSO ticket, ...) this may lead to unwanted information leakage.