{"id":780,"date":"2023-08-02T15:58:01","date_gmt":"2023-08-02T07:58:01","guid":{"rendered":"https:\/\/www.ruianding.com\/blog\/?p=780"},"modified":"2023-08-31T01:49:16","modified_gmt":"2023-08-30T17:49:16","slug":"adfs-external-smart-lockout","status":"publish","type":"post","link":"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/","title":{"rendered":"Introduction of ADFS External Smart Lockout"},"content":{"rendered":"\n

Overview<\/h3>\n\n\n\n

ADFS Extranet Smart Lockout (ESL)<\/strong> is a security feature that protects your users from getting locked out of their accounts due to malicious activities. It works with AD FS (Active Directory Federation Services) to distinguish between login attempts from familiar locations and those that may be from attackers. With ESL, AD FS can prevent attackers from gaining access while allowing legitimate users to continue using their accounts.<\/strong><\/p>\n\n\n\n

Extranet Smart Lockout feature in Windows Server 2016 – Windows Server | Microsoft Learn<\/a><\/p>\n\n\n\n

Configure AD FS Extranet Smart Lockout Protection | Microsoft Learn<\/a><\/p>\n\n\n\n

ESL is available for AD FS on Windows Server 2016 (with June 2018 Windows Updates) and comes built-in with AD FS on Windows Server 2019.<\/p>\n\n\n\n

Please note that ESL is specifically designed for username and password authentication requests that come from the extranet using the Web Application Proxy or a third-party proxy. If you’re using a third-party proxy, it must support the MS-ADFSPIP protocol to replace the Web Application Proxy<\/p>\n\n\n\n

\n\n\n\n

1. Update AD FS artifact database permissions<\/h3>\n\n\n\n

Extranet Smart Lockout (ESL) requires granting specific permissions to the AD FS service account so that it can create a new table in the AD FS artifact database. Here’s a step-by-step guide to achieve this:<\/p>\n\n\n\n

    \n
  1. Log in to any AD FS server as an AD FS admin.<\/li>\n\n\n\n
  2. Open a PowerShell Command Prompt window.<\/li>\n\n\n\n
  3. Execute the following commands to grant the necessary permissions to the AD FS service account:<\/li>\n<\/ol>\n\n\n\n
    $cred = Get-Credential\nUpdate-AdfsArtifactDatabasePermission -Credential $cred<\/pre>\n\n\n\n
    The $cred placeholder should be replaced with the credentials of an account that has AD FS administrator permissions<\/strong>. This account will be used to grant the write permissions required for creating the table.<\/p>\n\n\n\n
    \n
    \n
    If your AD FS farm is using SQL Server and the provided credentials lack admin permissions on your SQL server, the above commands may fail to execute successfully.<\/p>\n\n\n\n
    \"\"<\/figure>\n<\/div>\n<\/div><\/div>\n\n\n\n
    You can configure the database permissions manually in SQL Server Database by running the following command while connected to the AdfsArtifactStore database:<\/p>\n\n\n\n
    ALTER AUTHORIZATION ON SCHEMA::[ArtifactStore] TO [db_genevaservice]<\/pre>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    Please note that if the ESL policy has never been set up, there will be no ArtifactStore installed. Therefore, we must enable the policy first in order to enable the ArtifactStore table.
    Set-AdfsProperties -EnableExtranetLockout $true -ExtranetLockoutThreshold 15 -ExtranetObservationWindow (new-timespan -Minutes 30) -ExtranetLockoutRequirePDC $false<\/mark><\/p>\n\n\n\n
    By following these steps, you should grant the necessary permissions to the AD FS service account, allowing Extranet Smart Lockout to function properly and enhance the security of your AD FS environment.<\/p>\n\n\n\n
    \n\n\n\n
    2. AD FS ESL Terminology<\/h3>\n\n\n\n
    See this post: ADFS External Smart Lockout Terminology – Ruian’s Tech Troubleshooting Toolbox (ruianding.com)<\/a><\/p>\n\n\n\n
    \n\n\n\n
    3. Manage User Account Activity<\/h3>\n\n\n\n
    AD FS provides three cmdlets to manage account activity data<\/strong>. These cmdlets automatically connect to the master node.<\/p>\n\n\n\n
    This behavior can be overridden by passing the -Server parameter.<\/strong><\/p>\n\n\n\n
    Get-ADFSAccountActivity <UserPrincipalName><\/pre>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    The get command reads the current account activity for a user account<\/strong>. The cmdlet always automatically connects to the farm primary by using the Account Activity REST endpoint. Therefore, all data should always be consistent.<\/p>\n\n\n\n
    Properties:<\/strong><\/p>\n\n\n\n
      \n
    • BadPwdCountFamiliar<\/strong>: Incremented when an authentication is unsuccessful from a known location.<\/li>\n\n\n\n
    • BadPwdCountUnknown<\/strong>: Incremented when an authentication is unsuccessful from an unknown location<\/li>\n\n\n\n
    • LastFailedAuthFamiliar<\/strong>: If authentication was unsuccessful from a familiar location, LastFailedAuthFamiliar is set to time of unsuccessful authentication<\/li>\n\n\n\n
    • LastFailedAuthUnknown<\/strong>: If authentication was unsuccessful from an unknown location, LastFailedAuthUnknown is set to time of unsuccessful authentication<\/li>\n\n\n\n
    • FamiliarLockout<\/strong>: Boolean value which will be \u201cTrue\u201d if the \u201cBadPwdCountFamiliar\u201d > ExtranetLockoutThreshold<\/li>\n\n\n\n
    • UnknownLockout<\/strong>: Boolean value which will be \u201cTrue\u201d if the \u201cBadPwdCountUnknown\u201d > ExtranetLockoutThreshold – FamiliarIPs<\/strong>: maximum of 20 IPs which are familiar for the user. When this is exceeded the oldest IP in the list will be removed.<\/li>\n<\/ul>\n\n\n\n
      Set-ADFSAccountActivity<\/strong><\/p>\n\n\n\n
      Adds new familiar locations. The familiar IP list has a maximum of 20 entries, if this is exceeded, the oldest IP in the list will be removed.<\/p>\n\n\n\n
      Set-ADFSAccountActivity user@contoso.com -AdditionalFamiliarIps \u201c1.2.3.4\u201d<\/pre>\n\n\n\n
      Reset-ADFSAccountLockout<\/strong><\/p>\n\n\n\n
      Resets the lockout counter for a user account for each Familiar location (badPwdCountFamiliar) or Unfamiliar Location counters (badPwdCountUnfamiliar). By resetting a counter, the \u201cFamiliarLockout\u201d or \u201cUnfamiliarLockout\u201d value will update, as the reset counter will be less than the threshold.<\/p>\n\n\n\n
      Reset-ADFSAccountLockout user@contoso.com -Location Familiar\u00a0\nReset-ADFSAccountLockout user@contoso.com -Location Unknown<\/pre>\n","protected":false},"excerpt":{"rendered":"
      Overview ADFS Extranet Smart Lockout (ESL) is a security feature that protects your users from getting locked out of their accounts due to malicious activities. It works with AD FS (Active Directory Federation Services) to distinguish between login attempts from familiar locations and those that may be from attackers. With ESL, AD FS can prevent […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[42,10],"tags":[5],"class_list":["post-780","post","type-post","status-publish","format-standard","hentry","category-adfs","category-tutorial","tag-adfs"],"yoast_head":"\nIntroduction of ADFS External Smart Lockout - \u6781\u7b80IT\uff5cSimpleIT<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Introduction of ADFS External Smart Lockout - \u6781\u7b80IT\uff5cSimpleIT\" \/>\n<meta property=\"og:description\" content=\"Overview ADFS Extranet Smart Lockout (ESL) is a security feature that protects your users from getting locked out of their accounts due to malicious activities. It works with AD FS (Active Directory Federation Services) to distinguish between login attempts from familiar locations and those that may be from attackers. With ESL, AD FS can prevent […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/\" \/>\n<meta property=\"og:site_name\" content=\"\u6781\u7b80IT\uff5cSimpleIT\" \/>\n<meta property=\"article:published_time\" content=\"2023-08-02T07:58:01+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-30T17:49:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/08\/image-13.png\" \/>\n<meta name=\"author\" content=\"Ruian Ding\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ruian Ding\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/\"},\"author\":{\"name\":\"Ruian Ding\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b\"},\"headline\":\"Introduction of ADFS External Smart Lockout\",\"datePublished\":\"2023-08-02T07:58:01+00:00\",\"dateModified\":\"2023-08-30T17:49:16+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/\"},\"wordCount\":653,\"publisher\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b\"},\"image\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/08\/image-13.png\",\"keywords\":[\"ADFS\"],\"articleSection\":[\"ADFS\",\"Tutorial\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/\",\"url\":\"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/\",\"name\":\"Introduction of ADFS External Smart Lockout - \u6781\u7b80IT\uff5cSimpleIT\",\"isPartOf\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/08\/image-13.png\",\"datePublished\":\"2023-08-02T07:58:01+00:00\",\"dateModified\":\"2023-08-30T17:49:16+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/#primaryimage\",\"url\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/08\/image-13.png\",\"contentUrl\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/08\/image-13.png\",\"width\":837,\"height\":216},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.ruianding.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Introduction of ADFS External Smart Lockout\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/#website\",\"url\":\"https:\/\/www.ruianding.com\/blog\/\",\"name\":\"Ruian's Tech Troubleshooting Toolbox\",\"description\":\"Debug the World.\",\"publisher\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b\"},\"alternateName\":\"\u4e01\u777f\u5b89\u7684\u6280\u672f\u5206\u4eab\u535a\u5ba2\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.ruianding.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b\",\"name\":\"Ruian Ding\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/05\/logo.png\",\"contentUrl\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/05\/logo.png\",\"width\":284,\"height\":284,\"caption\":\"Ruian Ding\"},\"logo\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/image\/\"},\"description\":\"I am currently a Support Specialist at NIO, focusing on cloud-related issues for NIO Power. Previously, at Microsoft Entra ID, I specialized in identity and access management (IAM), including device registration, Windows Hello for Business (WHfB), multi-factor authentication (MFA), and single sign-on (SSO). In addition to my core expertise, I have a strong foundation in Active Directory, Servers, Cloud Computing, Network Administration, and Front-end Web Development. This diverse technical skill set enables me to effectively handle a wide range of challenges in a fast-paced IT environment.\",\"sameAs\":[\"https:\/\/www.ruianding.com\"],\"url\":\"https:\/\/www.ruianding.com\/blog\/author\/ruiand\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Introduction of ADFS External Smart Lockout - \u6781\u7b80IT\uff5cSimpleIT","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/","og_locale":"en_US","og_type":"article","og_title":"Introduction of ADFS External Smart Lockout - \u6781\u7b80IT\uff5cSimpleIT","og_description":"Overview ADFS Extranet Smart Lockout (ESL) is a security feature that protects your users from getting locked out of their accounts due to malicious activities. It works with AD FS (Active Directory Federation Services) to distinguish between login attempts from familiar locations and those that may be from attackers. With ESL, AD FS can prevent […]","og_url":"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/","og_site_name":"\u6781\u7b80IT\uff5cSimpleIT","article_published_time":"2023-08-02T07:58:01+00:00","article_modified_time":"2023-08-30T17:49:16+00:00","og_image":[{"url":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/08\/image-13.png","type":"","width":"","height":""}],"author":"Ruian Ding","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Ruian Ding","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/#article","isPartOf":{"@id":"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/"},"author":{"name":"Ruian Ding","@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b"},"headline":"Introduction of ADFS External Smart Lockout","datePublished":"2023-08-02T07:58:01+00:00","dateModified":"2023-08-30T17:49:16+00:00","mainEntityOfPage":{"@id":"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/"},"wordCount":653,"publisher":{"@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b"},"image":{"@id":"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/#primaryimage"},"thumbnailUrl":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/08\/image-13.png","keywords":["ADFS"],"articleSection":["ADFS","Tutorial"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/","url":"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/","name":"Introduction of ADFS External Smart Lockout - \u6781\u7b80IT\uff5cSimpleIT","isPartOf":{"@id":"https:\/\/www.ruianding.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/#primaryimage"},"image":{"@id":"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/#primaryimage"},"thumbnailUrl":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/08\/image-13.png","datePublished":"2023-08-02T07:58:01+00:00","dateModified":"2023-08-30T17:49:16+00:00","breadcrumb":{"@id":"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/#primaryimage","url":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/08\/image-13.png","contentUrl":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/08\/image-13.png","width":837,"height":216},{"@type":"BreadcrumbList","@id":"https:\/\/www.ruianding.com\/blog\/adfs-external-smart-lockout\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.ruianding.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Introduction of ADFS External Smart Lockout"}]},{"@type":"WebSite","@id":"https:\/\/www.ruianding.com\/blog\/#website","url":"https:\/\/www.ruianding.com\/blog\/","name":"Ruian's Tech Troubleshooting Toolbox","description":"Debug the World.","publisher":{"@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b"},"alternateName":"\u4e01\u777f\u5b89\u7684\u6280\u672f\u5206\u4eab\u535a\u5ba2","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.ruianding.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b","name":"Ruian Ding","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/05\/logo.png","contentUrl":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/05\/logo.png","width":284,"height":284,"caption":"Ruian Ding"},"logo":{"@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/image\/"},"description":"I am currently a Support Specialist at NIO, focusing on cloud-related issues for NIO Power. Previously, at Microsoft Entra ID, I specialized in identity and access management (IAM), including device registration, Windows Hello for Business (WHfB), multi-factor authentication (MFA), and single sign-on (SSO). In addition to my core expertise, I have a strong foundation in Active Directory, Servers, Cloud Computing, Network Administration, and Front-end Web Development. This diverse technical skill set enables me to effectively handle a wide range of challenges in a fast-paced IT environment.","sameAs":["https:\/\/www.ruianding.com"],"url":"https:\/\/www.ruianding.com\/blog\/author\/ruiand\/"}]}},"_links":{"self":[{"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/posts\/780","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/comments?post=780"}],"version-history":[{"count":10,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/posts\/780\/revisions"}],"predecessor-version":[{"id":830,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/posts\/780\/revisions\/830"}],"wp:attachment":[{"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/media?parent=780"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/categories?post=780"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/tags?post=780"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}