Keep getting "request blocked" at login

Ryan Kelly rfkelly at
Mon Jun 27 00:37:19 UTC 2016

On 25/06/2016 18:32, Gabriel Ivașcu wrote:
>> Longer term, we have a number of new security features in the pipeline
>> that will give us better alternatives to just outright blocking
>> requests.  For example, we will soon allow you to do an email
>> confirmation loop that verifies a login as legitimate, no matter how
>> "suspicious" the request may have seemed according to our operational
>> security rules.
> Will these features be documented somewhere? I'm interested in how the
> client flow should work.

They will be documented, as they come online, most likely as part of our
API documentation here:

However, we're going to try to move away from having FxA consumers
directly access this API, and move towards a more traditional OAuth flow
that uses this API under the hood.

If you're working on integrating FxA/Sync with something specific, I'd
love to hear more about it so that we can feed your use-case into our
longer-term plans.



More information about the Sync-dev mailing list