get_realm_security_defenses
Check realm-level security defenses to verify brute-force protection, password policy, and browser security headers are configured correctly.
Instructions
Show the realm's security-defense settings (read-only).
Reports the realm-level security configuration that the admin console groups under "Security defenses":
Brute force detection: whether it is enabled, the lockout strategy, and the thresholds (max login failures, wait increments, reset window).
Password policy.
Browser security headers.
Use this to verify that brute-force protection is actually turned on and
how aggressively it locks accounts — the per-user get_brute_force_status
only reflects runtime state, not whether the policy itself is configured.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |