• Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login
FusionAuth
  • Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login
  1. Home
  2. Categories
  3. Q&A
Log in to post
Load new posts
  • Recently Replied
  • Recently Created
  • Most Posts
  • Most Votes
  • Most Views
  • G

    Unsolved Hosting using a shared hosting plan with a company like ionos

    • 17 Feb 2023, 16:56 • gcasson-ceo 7 Jul 2023, 16:51
    2
    1
    Votes
    2
    Posts
    397
    Views

    D 7 Jul 2023, 16:51

    @gcasson-ceo

    I'm not familiar with Ionos, but if you can run a database and the OS is linux, windows or mac, you should be able to run FusionAuth.

    Reading the system requirements will help you determine if the Ionos shared plan offers enough RAM and other resources: https://fusionauth.io/docs/v1/tech/installation-guide/system-requirements

  • C

    Unsolved java.lang.NullPointerException: Cannot read field "multiFactorConfiguration" because "<parameter1>" is null

    • 27 Feb 2023, 03:01 • carlnapiercook 7 Jul 2023, 16:48
    2
    1
    Votes
    2
    Posts
    1.3k
    Views

    D 7 Jul 2023, 16:48

    @carlnapiercook Hmmm. Sorry about this.

    Did you solve this? Can you recreate on a later version of FusionAuth?

  • D

    Unsolved Can't edit redirect URL for OpenID Connect

    • 6 Mar 2023, 09:26 • dobritos11 7 Jul 2023, 16:47
    2
    1
    Votes
    2
    Posts
    1.8k
    Views

    D 7 Jul 2023, 16:47

    Hiya @dobritos11 !

    I assume you mean 1.32.1 as the version. Please let me know if I'm incorrect.

    Which screen are you trying to edit the redirect URL from?

    Any steps documenting what you are trying to do that you can provide would be helpful.

  • A

    Unsolved SAML api

    • 9 Mar 2023, 01:03 • alec.kustanovich 7 Jul 2023, 16:43
    2
    1
    Votes
    2
    Posts
    5.4k
    Views

    D 7 Jul 2023, 16:43

    @alec-kustanovich I'm not quite sure what you are asking for here.

    Are you talking about how to create the link to the SAML identity provider outside of FusionAuth?

    Or are you talking in particular about the code that is provided to you at the end of the start API call, as documented here: https://fusionauth.io/docs/v1/tech/apis/identity-providers/samlv2#start-a-saml-v2-login-request

  • U

    Unsolved Implementing Authentication in WPF

    • 6 Jul 2023, 06:23 • udayvignan.varma 7 Jul 2023, 16:01
    2
    0
    Votes
    2
    Posts
    418
    Views

    M 7 Jul 2023, 16:01

    @udayvignan-varma Can you let us know what Callback URL you are trying to use? Also do you have the correct authorized URLs set up in your application in the development environment? Is there any more information available with the responses you are seeing?

  • B

    Unsolved Importing users from Fusion Auth to KeyCloak

    migration migrate users keycloak • 4 Jul 2023, 15:00 • benjamin 6 Jul 2023, 17:08
    6
    1
    Votes
    6
    Posts
    1.3k
    Views

    D 6 Jul 2023, 17:08

    @benjamin Hmmm.

    I'm not quite sure what the issue is, because we do specify salted-pbkdf2-hmac-sha256-512 in the import script:

    https://github.com/FusionAuth/fusionauth-import-scripts/blob/master/keycloak/import.rb#L151

    The migration guide says:

    "The encryptionScheme for this plugin is salted-pbkdf2-hmac-sha256-512."

    So when you write:

    Hello Dan, I found the fix, at least for my test instance, seems that pbkdf2-sha256 maps to salted-pbkdf2-hmac-sha256 rather than salted-pbkdf2-hmac-sha256-512.

    Do you mean that pbkdf2-sha256 is the value from Keycloak and it only worked when you used salted-pbkdf2-hmac-sha256 in FusionAuth, or something else?

    What version of Keycloak are you migrating from?

  • S

    Unsolved Token not received inside Docker with Express JS

    • 4 Jul 2023, 22:39 • sandesh 5 Jul 2023, 08:23
    2
    0
    Votes
    2
    Posts
    469
    Views

    B 5 Jul 2023, 08:23

    Without understanding your setup completely, is the callback happening in a server-to-server call? If so, localhost doesn't work.

    For example when I wanna call the elastic search container from fusion auth, I cannot call it as http://localhost:9200. For instance if the setup is

    fusionauth-search: image: docker.elastic.co/elasticsearch/elasticsearch:8.5.0 container_name: fusionauth-search environment: cluster.name: fusionauth networks: - data-layer restart: unless-stopped ports: - '9011:9011'

    I will need to call it via http://fusionauth-search:9200. You can also see such a setup in Fusion Auth's documentation on setting up Fusion Auth in docker-compose at https://fusionauth.io/docs/v1/tech/installation-guide/docker. You notice that the URLs will refer to the container names.

    I hope this helps.

  • C

    Unsolved Username and email claims aren't *both* honoured for identity providers

    • 17 May 2023, 10:47 • chris 2 4 Jul 2023, 03:39
    2
    1
    Votes
    2
    Posts
    458
    Views

    D 4 Jul 2023, 03:39

    Hiya @chris-2,

    So you'd like to have the claim that is not linked be set if present in the response? Would that solve your problem? Or is there some other solution that would solve your needs?

    The reason we don't allow those claims to be changed in the lambda is that it's an escalation possibility.

    One option (for a subset of your use cases) would be to store the value that is delivered from the identity provider in the user.data.email claim which is used for email specific functionality when no email address is available on the user.

  • B

    Unsolved connect other system fusion auth by Ip address

    • 30 May 2023, 13:31 • bhavin.panchal 4 Jul 2023, 02:35
    2
    0
    Votes
    2
    Posts
    861
    Views

    D 4 Jul 2023, 02:35

    Hiya @bhavin-panchal !

    I'm not sure I understand your question.

    Can you rephrase it?

    Thanks.

  • B

    Unsolved Updates and custom themes

    theme customization update • 6 Jun 2023, 12:47 • billyudi 4 Jul 2023, 02:35
    2
    0
    Votes
    2
    Posts
    1.4k
    Views

    D 4 Jul 2023, 02:35

    @billyudi We are working on a update to the upgrade guide which will discuss how to map the new theme files and changes.

    You can follow along with it here:

    https://github.com/FusionAuth/fusionauth-site/pull/2166

    I get your larger question though, which is, if I customize my theme, and then I upgrade from 1.45 to 1.46 and 1.46 introduces a new themed page, what does that new themed page look like?

    Have you tried testing this out?

  • C

    Solved Registration fields pre-fill from URL

    • 4 Jun 2023, 13:11 • ctorres 4 Jul 2023, 02:32
    5
    0
    Votes
    5
    Posts
    738
    Views

    D 4 Jul 2023, 02:32

    @ctorres Awesome, thanks for sharing your process!

  • E

    Unsolved Filter Preferred Languages. Should contain only specific languages.

    • 28 Jun 2023, 08:53 • egli 4 Jul 2023, 02:31
    4
    1
    Votes
    4
    Posts
    732
    Views

    D 4 Jul 2023, 02:31

    Hiya @egli !

    Thanks for posting it on GitHub issues. Please share the link so others discovering this issue can upvote it or see the progress on it.

    Currently there's no way to limit the inputs on the default select box.

    Two options.

    Since you are using a custom form, you could create your own select list with just the languages you want to support.

    Store this to a different value (user.data.custom_preferred_languages). You could then set up a user.create.complete webhook to copy the value of user.data.custom_preferred_languages to user.preferredLanguages`. That way this language will be used in the future. (The initial email won't have that info, however).

    Another option would be to have a javascript function that would run whenever the user.preferredLanguage select box is displayed, and would trim the values down to what you desire.

    I realize this isn't the smoothest, but it should get you the control you want.

  • A

    Unsolved Blank screen after authenticating through an IdP

    • 8 Jun 2023, 21:57 • alex 2 4 Jul 2023, 02:23
    2
    0
    Votes
    2
    Posts
    516
    Views

    D 4 Jul 2023, 02:23

    @alex-2 Hmmm, curious.

    What is the redirect URI or redirect URIs of the application configuration?

    Is there any additional debug information when you run this in the iOS simulator?

    Where are you running FusionAuth? Is the SSL certificate self-signed?

    Are you using a webview? That's not typically recommended, as using safari (ASWebAuthenticationSession, to be precise) is the better path. One possible solution would be to use AppAuth, an iOS library, and see if the issue is present there.

  • A

    Unsolved How to delete a user from multiple tenants using a single endpoint call in FusionAuth?

    • 14 Jun 2023, 06:08 • anirudh.vekariya 4 Jul 2023, 02:18
    2
    1
    Votes
    2
    Posts
    827
    Views

    D 4 Jul 2023, 02:18

    Hiya @anirudh-vekariya!

    There is no way to do this.

    Since tenants are designed to be logically separate, FusionAuth has no concept of a user that spans tenants. I would not expect this to be something to be built into FusionAuth because of that.

    Hope this helps.

  • M

    Unsolved OIDC and Azure AD Groups

    • 4 Mar 2022, 03:34 • matthewh 1 Jul 2023, 22:32
    4
    0
    Votes
    4
    Posts
    778
    Views

    D 1 Jul 2023, 22:32

    @bradley-kite said in OIDC and Azure AD Groups:

    Is there a way I can get an access token from within the Lambda?

    👋 hiya @bradley-kite !

    I haven't tested this, but there should be a refresh token stored in the identity provider link (since you are using OIDC). If you can retrieve that, you should be able to get a new access token, and then present that to azure ad.

    https://fusionauth.io/docs/v1/tech/apis/identity-providers/links#retrieve-a-link

    Look for identityProviderLink.token.

  • E

    Unsolved Email Templates localization not working

    • 23 Jun 2023, 15:25 • egli 30 Jun 2023, 20:35
    4
    0
    Votes
    4
    Posts
    654
    Views

    D 30 Jun 2023, 20:35

    @egli This is not currently possible, but will be released in 1.47: https://github.com/FusionAuth/fusionauth-issues/issues/1738

  • M

    Unsolved Different Roles for Different Products

    • 21 Jun 2023, 09:34 • matthieu 28 Jun 2023, 02:36
    4
    1
    Votes
    4
    Posts
    414
    Views

    M 28 Jun 2023, 02:36

    @matthieu , that is understandable. Keep in mind if you are adding a lot of products often, you can use the APIs to help create and manage those permissions.

    I.E. Create an Application Role, Create an Entity, Update a User Registration (for updating roles)

  • M

    Solved Managed Domains Availability

    • 28 Jun 2023, 02:24 • mark.robustelli 28 Jun 2023, 02:26
    2
    0
    Votes
    2
    Posts
    699
    Views

    M 28 Jun 2023, 02:26

    Managed domains are only available with the SAML and OIDC providers, not other kinds of identity providers (like Apple, etc)

    If you are interested in which features of FusionAuth are premium, please see FusionAuth Premium Features.

  • M

    Solved 2 step login

    • 28 Jun 2023, 02:22 • mark.robustelli 28 Jun 2023, 02:22
    2
    0
    Votes
    2
    Posts
    679
    Views

    M 28 Jun 2023, 02:22

    You can achieve it by configuring an IdP with a managed domain.

    For example, you can configure an OpenID Connect IdP (it doesn't have to have real values) and configure a managed domain for something that won't match anything practical such as no-match-domain.com. If this IdP is enabled it will cause FusionAuth to ask for the email separate from the email address.

    *This will only work for SAML and OIDC Idps, not other kinds like Apple, etc. as managed domains are not supported.

  • M

    Solved Get user.data Object Using oAuth Token

    • 28 Jun 2023, 02:19 • mark.robustelli 28 Jun 2023, 02:20
    2
    0
    Votes
    2
    Posts
    909
    Views

    M 28 Jun 2023, 02:20

    Depending upon your use case, there are a few ways to get at that data.

    You can use a JWT Populate lambda to add additional claims to the JWT from values stored inside user.data. You can then access these claims in the JWT after you validated it decode it yourself. Or, if you use the FusionAuth UserInfo endpoint, we will return the claims in a JSON response after we validate the token.

    *Keep in the JWT Populate lamda you can add whateve you want. Any custom claims added to the JWT will then be returned by the UserInfo endpoint. In most cases it is better to keep the JWT small.

    You can use the OAuth2 access token (JWT) to retrieve the user with the User API. This will return the entire user object include anything stored in user.data. This is done by making a GET request to the User API and providing the token in the Authorization header Authorization: Bearer <encoded JWT>