Hi,
i want to enable bruteForceProtection and its setting with config/Env Variables or something similar cause i’m deploying keycloak with helm and want it as securely configured as it can be from start.
How is this possible - i didn’t find anything in the all configs page or any env variables.
Or is it really true that this feature can only be turned on “by hand” - i hope not
If you are importing a realm, you can set those values in the json file you import. The keys are
"bruteForceProtected": true,
"permanentLockout": false,
"maxTemporaryLockouts": 0,
"maxFailureWaitSeconds": 900,
"minimumQuickLoginWaitSeconds": 60,
"waitIncrementSeconds": 60,
"quickLoginCheckMilliSeconds": 1000,
The best way to test this is to set it up in a realm the way you want, and then export the realm as json.