grant

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

N

How to create entities with parents?

Comments & Feedback
• grant entities • • nikhil.shrivastav

2

0
Votes

2
Posts

1.5k
Views

J

@nikhil-shrivastav

Thanks for the question. I have addressed in our support other related support thread.

Thanks
Josh
D

MFA with the password grant

Q&A
• password grant mfa • • dan

3

0
Votes

3
Posts

1.5k
Views

A

Thanks for addressing this use case. Your proposal, however, runs counter to any standardization effort: Long live OAuth! 🙂

A better approach would be to switch from a password grant to the use of authorization codes (instead of passwords) to obtain the access token. This is fully within the OAuth framework and does not introduce fusionauth-specific hacks into the solution.

We have created as simple html page that redirects to the fusionauth authorize endpoint with grant_type=authorization_code. The browser handles MFA as usual. Upon redirecting to this page, the page can harvest the authorization code for the user to copy. From there proceed with into authorization code in place of a password.

PS: Long live OAuth!
D

Can I get permissions granted to a user against an Entity in an OAuth grant

Q&A
• entities authorization code grant • • dan

3

0
Votes

3
Posts

4.7k
Views

D

The ability to search grants for a user was a gap in our documentation. We have since released an update to showcase/describe the use case.

https://fusionauth.io/docs/v1/tech/apis/entity-management/grants/#search-for-grants

Your API endpoint call will look like below:
GET /api/entity/grant/search?userId={uuid}
Additional possible filtering functionality is documented in this feature request.
D

Determining which OAuth grant you are in within the themes

Q&A
• theme oauth grant • • dan

2

0
Votes

2
Posts

2.2k
Views

D

The only two grants that are relevant to an interactive flow are the authorization grant, and the implicit grant.

I don’t recommend you use the implicit grant at all, so that leaves only the authorization grant.

If the authorization grant is happening, response_type will be code.

If the authorization grant is occurring due to a device grant, the user_code variable will be set.
D

Length of time for authorization code

Q&A
• authorization code grant lifetime duration • • dan

2

0
Votes

2
Posts

1.6k
Views

D

It's configurable. If you go to the tenant details page, then to the Advanced tab, you'll see the setting there; it's called Authorization Code. It's also documented in the tenant API, search for tenant.externalIdentifierConfiguration.authorizationGrantIdTimeToLiveInSeconds here: https://fusionauth.io/docs/v1/tech/apis/tenants

Looks like valid durations are between 1 and 600 seconds.
D

Solved How can I implement a client credentials grant with FusionAuth?

Q&A
• grant client creds • • dan

3

0
Votes

3
Posts

2.9k
Views

D

An update! The client credentials grant is now available in paid editions of FusionAuth.

Here is the documentation:

https://fusionauth.io/docs/v1/tech/oauth/#configure-entities

https://fusionauth.io/docs/v1/tech/oauth/#example-client-credentials-grant

How to create entities with parents?

MFA with the password grant

Can I get permissions granted to a user against an Entity in an OAuth grant

Determining which OAuth grant you are in within the themes

Length of time for authorization code

Solved How can I implement a client credentials grant with FusionAuth?