It looks like the uuid isn't being sent as a string. Per https://fusionauth.io/docs/v1/tech/reference/data-types#uuids it should be quoted.

So you want to send:

{ "applicationId": "15e45e7d-3e34-43df-9366-91c66a8cc9ae", "loginId": "myuserid", "password": "mypassword" }

Note that with version 1.16.x, elastic search is no longer required to run FusionAuth. More here about how you might make the choice: https://fusionauth.io/community/forum/topic/67/what-is-the-advantage-of-using-elasticsearch-as-the-search-engine

Hiya,

When you say

Everybody can see authorization key.

Who do you mean? Do you mean anyone with access to the FusionAuth admin console? Or some other set of users?

There's no built in reporting for login methods.

If you think that'd be worthwhile, please file a github issue with more details about the use case.

However, you could set up a webhook on the login event and record the event.authenticationType in an external datastore.

404 is a valid response code when using the client library to look for a user by email.

If the user exists you’ll get 200 and if the user does not exist you’ll get 404.

If you are using the client in the browser and don’t want to expose the 404 to the console, adding a try/catch would be a good idea. The 404 is the expected response code when the user does not exist:
https://fusionauth.io/docs/v1/tech/apis/users#response-2

With version 1.16.x, you should see a 'logs' menu item in the admin screen. Before 1.16 the only option was contacting FusionAuth.

Hi,

So I'm not intimately familiar with this use case, but I have a couple of pointers.

Did you add X-Frame-Options to the exposed headers in the System setting? (This is more of a guess than a recommendation 🙂 .)

Silent refreshes have some other issues. This github issue may be of interest: https://github.com/FusionAuth/fusionauth-issues/issues/521 . It points to a workaround: https://stackoverflow.com/questions/55859793/is-prompt-none-for-silent-refresh-in-a-spa-possible-with-fusionauth-and-its-prov where there's actually a suggestion to tweak the web.xml file.

Finally, if you have a support contract with us, please open a ticket.

You have a couple of options for customizing the login experience when you are using FusionAuth.

You can use the password grant and create your own login page. Here's an example of the password grant. But this doesn't let you use the Authorization Code grant. You can use themes to customize the login pages. You could implement the authorization code grant without ever using the FA front end. You'd have to create your own login and logout pages on the server, and then have the server communicate via the API. Not sure why you'd want to do that, but maybe it meets your needs. You could use a third party tool like Hydra and use FA for your user data store.

@robotdan
Seems I expected that configuration of fusionauth db at docker-compose file was enough, but after your answer, I inserted credentials again at 'maintenance' page, ant it is now started, thanks

Thank you for the quick reply! I have successfully uninstalled it.

In addition to your instructions. I followed the same logic and removed the AppData as well.

rmdir C:\Users\me\AppData\Local\Temp\fusionauth /s

Thanks for your help!

If you're using PostgreSQL the size is essentially unlimited. With MySQL it is 16 MB.

There are few exceptions to this rule where we may be using a 64 KB column if you're on MySQL.

I wouldn't recommend storing that much data however. If you're using Elasticsearch, the custom data on the User will be indexed, and Elasticsearch will eventually hit a limit as well.

Github issue: https://github.com/FusionAuth/fusionauth-issues/issues/632

Yup.

Kickstart is intended to build the system up from scratch.

We check for API keys, users, and a few other things to ensure we can start with a clean slate.

If you already have an API key configured, you can also just script a set of API calls on your end as well. This is more/less what kickstart does.

From the Kickstart docs:

Kickstart will only run if no API keys, users or tenants exist, so you can safely leave this environment variable configured even after the system has been configured.

Kickstart does not load any templates by default. You will need to create any template you’d like in your initial configuration.

Outside of kickstart we do build some default templates. In Kickstart, no templates.

Here's the email templates we ship with if you want to add them to your Kickstart: https://fusionauth.io/docs/v1/tech/email-templates/email-templates#templates-replacement-variables

My guess is you are missing the applicationId on the login API request.

A refresh token is per user per application, so passing that is required to provide refresh tokens (even though it is optional for the call to succeed).

There's no supported way. Here's the official docs:

FusionAuth is able to handle all HTTP traffic and any network handling between the browser and FusionAuth should be as simple as possible.

However, this solution was found by a community member (for the docker install). Configure the environment variable:

FUSIONAUTH_ADDITIONAL_JAVA_ARGS: -Dhttp.proxyHost=some.proxy -Dhttp.proxyPort=8210 -Dhttp.nonProxyHosts="localhost|127.0.0.1|10.*.*.*|172.*.*.*"

before you start FA and it should work.

Users using an sdk created by swagger can use OAuth.

FusionAuth supports all of the grants listed there except "Client Credentials" (if that's an important grant to you, please vote on this GitHub issue).

That said, you can log a user in using this API: https://fusionauth.io/docs/v1/tech/apis/login#authenticate-a-user

As mentioned in that document, you can require a FusionAuth API key (information about creating this here: https://fusionauth.io/docs/v1/tech/apis/authentication#manage-api-keys ) which would not be a per user API key. Or you could disable authentication for the /apilogin endpoint:

Authentication may be disabled per Application, see application.loginConfiguration.requireAuthentication in the Application API or navigate to Applications Edit Security in the user interface.
and have users authenticate against that endpoint.

If on the other hand you are asking about application type API keys that are managed by FusionAuth, the short answer is that is not a feature of FusionAuth. Please see this forum post for other options.

You could look at kickstart: https://fusionauth.io/docs/v1/tech/installation-guide/kickstart

Kickstart only works if the other devs' fusionauth instances are going to be starting from scratch.

Otherwise you might want to vote for https://github.com/FusionAuth/fusionauth-issues/issues/560

From the admin UI, go to System / About and you'll see the current version.

It is also available via the API by calling /api/status and looking for the version key in the returned object. However, the status response is subject to change.

Great thanks, that solved it.