I am trying to track a user's failed login attempts and save them into the B2C users by their ObjectId, which I can retrieve by their sign-in name. The policy I am using is the regular signupsignin policy from Microsoft's page:
I have already created a custom attribute for the B2C user called failedLoginAttempt and saved as an int. In my TrustFrameworkExtension.xml, I have created a ClaimType called extension_failedLoginAttempt.
<ClaimType Id="extension_failedLoginAttempt">
  <DisplayName>count failed logins</DisplayName>
  <DataType>int</DataType>
</ClaimType>
What I wanted to try next was to grab this attribute from the user via their sign-in name and then increment it by 1 each time they fail to log in. But the issue I am having is tracking down where in the XML files (Extensions, localization and base) that is happening; I am not able to find it.
I do see technical profiles like the ones below that get called during a user's sign-in, but there doesn't seem to be any information on username or password validation when I dig into the details of those profiles:
<IncludeTechnicalProfile ReferenceId="AAD-Common" />
<UseTechnicalProfileForSessionManagement ReferenceId="SM-AAD" />
My end goal is to force the user to change their passwords after a certain number of failed attempts, similar to the question from this post: Custom Policy for Force Reset password on first login not working
But I don't want to do it after one failed attempt, but after multiple attempts, and then force the user to change their password.