i have a scenario where by rest api my custom app tries to login
sometimes it fails and i want to give the user a meaningful error message
but i noticed that the case "bad pw" and "unlicensed user" or "unknow user" gives the same response?
am i doing something wrong or there is this possibility, i.e. to know exacly why login failed?
Hi Pierluigi, this is most likely intentional. A detailed message about why a login failed is a security risk because it provides more information to someone who might be trying to break into the system.