Skip to content

Comments

fix: add 'too_many_attempts' to error codes in logInError function#2718

Merged
ankita10119 merged 1 commit intomasterfrom
SDK-7525
Jan 20, 2026
Merged

fix: add 'too_many_attempts' to error codes in logInError function#2718
ankita10119 merged 1 commit intomasterfrom
SDK-7525

Conversation

@ankita10119
Copy link
Contributor

@ankita10119 ankita10119 commented Jan 16, 2026
edited
Loading

Changes

Fixes issue #2589 where the authorization_error event was not being emitted when users trigger rate limiting by attempting too many failed logins.

Problem

When Auth0's brute force protection triggers and returns a too_many_attempts error (HTTP 429), Lock was not emitting the authorization_error event. This prevented applications from handling rate limiting errors gracefully through the event listener.

The error code too_many_attempts was missing from the whitelist array that determines which error codes should trigger the authorization_error event.

Solution

Added 'too_many_attempts' to the errorCodesThatEmitAuthorizationErrorEvent array in src/core/actions.js

This ensures that when rate limiting is triggered, applications can now handle it properly:

lock.on('authorization_error', function(error) {
  if (error.error === 'too_many_attempts') {
    // Show custom message to user
  }
});

References

Closes #2589

Testing

  • This change adds unit test coverage
  • This change adds integration test coverage
  • This change has been tested on the latest version of the platform/language

Checklist

@ankita10119 ankita10119 requested a review from a team as a code owner January 16, 2026 16:44
@ankita10119
Copy link
Contributor Author

ankita10119 commented Jan 16, 2026
edited
Loading

Before

Screen.Recording.2026-01-16.at.9.49.42.PM.mov

After

Screen.Recording.2026-01-16.at.9.52.29.PM.mov

@ankita10119 ankita10119 merged commit 0a6071c into master Jan 20, 2026
5 checks passed
@ankita10119 ankita10119 deleted the SDK-7525 branch January 20, 2026 12:22
This was referenced Jan 20, 2026
Closed
Merged
ankita10119 added a commit that referenced this pull request Jan 21, 2026
@ankita10119
Release v14.2.4 (#2721)
34c8f68 
**Fixed**
- fix: update className and InputWrap name in SelectInput component
(#2534) [\#2719](#2719)
([ankita10119](https://github.com/ankita10119))
- fix: handle undefined and empty domain values in HRD screen (#2526)
[\#2720](#2720)
([ankita10119](https://github.com/ankita10119))
- fix: add 'too_many_attempts' to error codes in logInError function
[\#2718](#2718)
([ankita10119](https://github.com/ankita10119))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yogeshchoudhary147 yogeshchoudhary147 yogeshchoudhary147 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

"authorization_error" event is not triggering the "too_many_attempts" error

2 participants

@ankita10119 @yogeshchoudhary147