Some more information available here: Mitigate brute force attack on user passwords. Sample Code: Custom permission (role) implementation (Repo AMP) Custom DocLib Action using custom permission (role) (Share AMP)