@zero-enna

Glad that you got this figured out!

Thanks,
Josh

Hi @johnmiller

One option might be to use a webhook and take action based on this event.

https://fusionauth.io/docs/v1/tech/events-webhooks/events/user-email-verified/

Thanks,
Josh

You can now do so as of FusionAuth 1.32.

More details in the issue 628 linked above.

Tracking here: https://github.com/FusionAuth/fusionauth-issues/issues/1519

@johnmiller --

That sounds good!

Feel free to log an issue if you would like to see this supported in the future.

https://github.com/FusionAuth/fusionauth-issues/issues/new/choose

Thanks,
Josh
FusionAuth

@joshua Thanks for answering
So this is not yet possible and all I can do is thumbs up the issue and wait.

@cgoddard I think this was missing documentation that has now been added: https://fusionauth.io/docs/v1/tech/apis/entity-management/grants/#search-for-grants

Let me know if that doesn't address your question.

@cgoddard I think this topic addresses your question: https://fusionauth.io/community/forum/topic/1389/see-user-and-entity-elasticsearch-indexes-when-running-in-fusionauth-cloud

@lightalakanzam Not with standard fusionauth, because the hosted login pages don't know that the login has occurred.

You could perhaps set a cookie on login with the login API and then look for that cookie in an http proxy in front of FusionAuth, and deny access to the login pages at that time.

Or, you could, if you are only using the login API, set up the theme to have a blank login page.

@jeremy-c-london

Currently FusionAuth doesn't support these as login methods.

This would be custom development work which is typically only offered to enterprise customers, but you can reach out to the sales team to start the conversation.

@joshua Thanks, Josh.

My avatar is happy now 🙂

and/or detect that the user was an IdP managed user?

In the reconcile lambda from the IdP (here's the docs for the OIDC lambda), you can set whatever data you want on the user.data field, so you could set user.data.idpUser = true. Then you can access that value from the self edit page freemarker template and decide to show or hide the password field.

I get that this isn't as straightforward as it would be if the original feature request was implemented 🙂 . But I think there's a path forward here that doesn't wait on that.

Elasticsearch access is not available for FusionAuth cloud deployments.

I would recommend running FusionAuth locally, which should display similar results as your cloud deployment for how the user and the entities are mapped.

Users can be deactivated and reactivated using the User API. The following FusionAuth documentation outlines deactivation (or soft-delete) and reactivation:

Delete A User (soft-delete them, don't hard delete them)

Reactivate a User

HTH

The ability to search grants for a user was a gap in our documentation. We have since released an update to showcase/describe the use case.

https://fusionauth.io/docs/v1/tech/apis/entity-management/grants/#search-for-grants

Your API endpoint call will look like below:

GET /api/entity/grant/search?userId={uuid}

Additional possible filtering functionality is documented in this feature request.

@fred-fred said in Custom theme deployment between environments:

It looks like we can transport with the API using Theme Update Endpoints and sharing environment API keys so one environment can see the next environment to copy the themes over.

Yes, that's what I'd recommend. You could have different API keys for each environment and have the script that promotes the theme pull the API key from a secrets store. Make sure you limit the API key to the themes endpoint.

You also might be interested in this post: https://fusionauth.io/community/forum/topic/1306/parameterizing-themes which indicates how you can have the same theme files point to different resources in staging/prod/dev/etc.