diff --git a/api/src/identity-access-management/domain/errors.js b/api/src/identity-access-management/domain/errors.js
index a9fd1dfe5a1..06f9192b140 100644
--- a/api/src/identity-access-management/domain/errors.js
+++ b/api/src/identity-access-management/domain/errors.js
@@ -44,7 +44,7 @@ class MissingOrInvalidCredentialsError extends DomainError {
     this.meta = {};
     this.meta.isLoginFailureWithUsername = meta?.isLoginFailureWithUsername ?? false;
     if (meta?.remainingAttempts) {
-      this.meta = meta.remainingAttempts;
+      this.meta.remainingAttempts = meta.remainingAttempts;
     }
   }
 }
diff --git a/api/tests/identity-access-management/unit/application/http-error-mapper-configuration_test.js b/api/tests/identity-access-management/unit/application/http-error-mapper-configuration_test.js
index 562a4b9f431..cd3f3bf0b25 100644
--- a/api/tests/identity-access-management/unit/application/http-error-mapper-configuration_test.js
+++ b/api/tests/identity-access-management/unit/application/http-error-mapper-configuration_test.js
@@ -40,61 +40,101 @@ describe('Unit | Identity Access Management | Application | HttpErrorMapperConfi
 
   context('when mapping "DifferentExternalIdentifierError"', function () {
     it('returns an ConflictError Http Error', function () {
-      //given
+      // given
       const httpErrorMapper = authenticationDomainErrorMappingConfiguration.find(
         (httpErrorMapper) => httpErrorMapper.name === DifferentExternalIdentifierError.name,
       );
 
-      //when
+      // when
       const error = httpErrorMapper.httpErrorFn(new DifferentExternalIdentifierError());
 
-      //then
+      // then
       expect(error).to.be.instanceOf(HttpErrors.ConflictError);
     });
   });
 
   context('when mapping "MissingOrInvalidCredentialsError"', function () {
-    it('returns an UnauthorizedError Http Error', function () {
-      //given
-      const httpErrorMapper = authenticationDomainErrorMappingConfiguration.find(
-        (httpErrorMapper) => httpErrorMapper.name === MissingOrInvalidCredentialsError.name,
-      );
+    context('when isLoginFailureWithUsername is true', function () {
+      it('returns a UnauthorizedError with isLoginFailureWithUsername set to true', function () {
+        // given
+        const httpErrorMapper = authenticationDomainErrorMappingConfiguration.find(
+          (httpErrorMapper) => httpErrorMapper.name === MissingOrInvalidCredentialsError.name,
+        );
+
+        // when
+        const error = httpErrorMapper.httpErrorFn(
+          new MissingOrInvalidCredentialsError({ isLoginFailureWithUsername: true }),
+        );
+
+        // then
+        expect(error).to.be.instanceOf(HttpErrors.UnauthorizedError);
+        expect(error.meta.isLoginFailureWithUsername).to.be.true;
+      });
+    });
 
-      //when
-      const error = httpErrorMapper.httpErrorFn(new MissingOrInvalidCredentialsError());
+    context('when isLoginFailureWithUsername is false', function () {
+      it('returns a UnauthorizedError with isLoginFailureWithUsername set to false', function () {
+        // given
+        const httpErrorMapper = authenticationDomainErrorMappingConfiguration.find(
+          (httpErrorMapper) => httpErrorMapper.name === MissingOrInvalidCredentialsError.name,
+        );
+
+        // when
+        const error = httpErrorMapper.httpErrorFn(
+          new MissingOrInvalidCredentialsError({ isLoginFailureWithUsername: false }),
+        );
+
+        // then
+        expect(error).to.be.instanceOf(HttpErrors.UnauthorizedError);
+        expect(error.meta.isLoginFailureWithUsername).to.be.false;
+      });
+    });
 
-      //then
-      expect(error).to.be.instanceOf(HttpErrors.UnauthorizedError);
+    context('when remainingAttempts is provided', function () {
+      it('returns a UnauthorizedError with remainingAttempts set', function () {
+        // given
+        const httpErrorMapper = authenticationDomainErrorMappingConfiguration.find(
+          (httpErrorMapper) => httpErrorMapper.name === MissingOrInvalidCredentialsError.name,
+        );
+        const remainingAttempts = 3;
+
+        // when
+        const error = httpErrorMapper.httpErrorFn(new MissingOrInvalidCredentialsError({ remainingAttempts }));
+
+        // then
+        expect(error).to.be.instanceOf(HttpErrors.UnauthorizedError);
+        expect(error.meta.remainingAttempts).to.equal(remainingAttempts);
+      });
     });
   });
 
   context('when mapping "MissingUserAccountError"', function () {
     it('returns an BadRequestError Http Error', function () {
-      //given
+      // given
       const httpErrorMapper = authenticationDomainErrorMappingConfiguration.find(
         (httpErrorMapper) => httpErrorMapper.name === MissingUserAccountError.name,
       );
 
-      //when
+      // when
       const error = httpErrorMapper.httpErrorFn(new MissingUserAccountError());
 
-      //then
+      // then
       expect(error).to.be.instanceOf(HttpErrors.BadRequestError);
     });
   });
 
   context('when mapping "PasswordResetDemandNotFoundError"', function () {
     it('returns a NotFoundError Http Error', function () {
-      //given
+      // given
       const httpErrorMapper = authenticationDomainErrorMappingConfiguration.find(
         (httpErrorMapper) => httpErrorMapper.name === PasswordResetDemandNotFoundError.name,
       );
       const message = 'Test message error';
 
-      //when
+      // when
       const error = httpErrorMapper.httpErrorFn(new PasswordResetDemandNotFoundError(message));
 
-      //then
+      // then
       expect(error).to.be.instanceOf(HttpErrors.NotFoundError);
       expect(error.message).to.equal(message);
     });
@@ -102,16 +142,16 @@ describe('Unit | Identity Access Management | Application | HttpErrorMapperConfi
 
   context('when mapping "UserCantBeCreatedError"', function () {
     it('returns an UnauthorizedError Http Error', function () {
-      //given
+      // given
       const httpErrorMapper = authenticationDomainErrorMappingConfiguration.find(
         (httpErrorMapper) => httpErrorMapper.name === UserCantBeCreatedError.name,
       );
       const message = 'Test message error';
 
-      //when
+      // when
       const error = httpErrorMapper.httpErrorFn(new UserCantBeCreatedError(message));
 
-      //then
+      // then
       expect(error).to.be.instanceOf(HttpErrors.UnauthorizedError);
       expect(error.message).to.equal(message);
     });
@@ -119,17 +159,17 @@ describe('Unit | Identity Access Management | Application | HttpErrorMapperConfi
 
   context('when mapping "UserShouldChangePasswordError"', function () {
     it('returns an PasswordShouldChangeError Http Error', function () {
-      //given
+      // given
       const httpErrorMapper = authenticationDomainErrorMappingConfiguration.find(
         (httpErrorMapper) => httpErrorMapper.name === UserShouldChangePasswordError.name,
       );
       const message = 'Test message error';
       const meta = 'Test meta';
 
-      //when
+      // when
       const error = httpErrorMapper.httpErrorFn(new UserShouldChangePasswordError(message, meta));
 
-      //then
+      // then
       expect(error).to.be.instanceOf(HttpErrors.PasswordShouldChangeError);
       expect(error.message).to.equal(message);
       expect(error.meta).to.equal(meta);