Hello,
I would like to audit log every unauthorised access of Keycloak resources. The approach we take in our project is that we implement an EventListenerProvider that audit logs all Keycloak events. The problem is, there is no event emitted by Keycloak for unauthorised access attempt. If a user who has no permission to query clients tries to do so, a user gets 401 Unauthorised, there is no Keycloak event emitted and we cannot log it. Is there any other way we could try logging unauthorised requests?
Thank you,
Oxana