User identification information on RackAttack messages
Summary
We've worked on issues in the past where a customer's IP (or several) is/are blocked by RackAttack but we are unable to narrow down the problem to a particular user/token. For example:
As you can see, we're lacking information about what particular user/token triggered the block.
Impact
Customers affected by RackAttack blocks are sometimes unable to troubleshoot the issue from their end and need our assistance to track down the problem. Unfortunately, with the level of logging that we get today, it is impossible for us to narrow it down.
Examples of RackAttack support issues provided in an internal note.
/cc @engwan as you filed this issue several years ago and it seems to cover the scenario we think we're dealing with here.
Recommendation
It would help with troubleshooting if, for example, we could narrow down the requests that are triggering the block maybe by extracting the first few characters of the token in question? or any other information that helps us narrow down the activity that is triggering the blocks.