I attempted to create an event handler that, once a token became locked out, the user was sent a single notification email that the token was locked. I configured the event and it seemed to work the way I wanted, but now I’m getting reports that users are getting emailed repeatedly about the token being locked. Below is the event configuration, should I be targeting a different endpoint or did I do something else wrong?
It works as designed. The “locked_token” is checked for each authentication request.
And thus, even if the token has reached the locked stated yesterday, it will be still in the locked state today. So the condition is true and an email will be sent.
To achieve only one notification you would have to count the failed authentications yourself, write them in a tokeninfo field in one handler.
And in another handler you would have to check for this tokeninfo.
Currently we have not condition for the failcounter.