Best location to audit failed auth events?

I need to write audit for all successful and failed logins across different auth providers (local db, active directory, google,…).

I use IAuthEvents.OnAuthenticated to record successful logins but I can’t find a suitable hook to audit failed login attempts.

Is there something like IAuthEvents.OnFailedAuthentication where I could do this?

I also need to keep/update InvalidLoginAttempts, LastLoginAttempt, LockedDate across all providers (but local to my service). I guess if some central OnFailedAuthentication existed I could handle this in there.

There’s no OnFailedAuthentication event, the only place atm where you can hook into a failed auth request is in the AuthProvider.FailedRedirectUrlFilter delegate which allows customizing the Error Redirect Url returned.

I’ll look to see if it’s possible to add a dedicated event for this in future.

+1 for a global OnFailedAuthentication event hook - this would be very useful to keep consistent security audit.