• Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login
FusionAuth
  • Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login

Why can't I update the default tenants smtp parameters through the API?

Scheduled Pinned Locked Moved Solved
Q&A
2
10
1.5k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • L
    laurent.michel
    last edited by laurent.michel 14 Apr 2022, 06:19

    I am using the single, default tenant defined by fusionauth :

    fadfbb74-4346-4047-98ec-ea74a28df44f-image.png

    I installed fusionauth with the following kickstart:

    {
  "apiKeys": [
    {
      "description": "Almighty API Key",
      "key": "#{almightyApiKey}"
    },
    {
      "description": "Serverless API Key",
      "key": "#{serverlessApiKey}",
      "permissions": {
        "endpoints": {
          "/api/jwt/validate": [
            "POST"
          ],
          "/api/login": [
            "POST"
          ],
          "/api/user": [
            "POST",
            "DELETE"
          ],
          "/api/user/registration": [
            "POST"
          ]
        }
      }
    }
  ],
  "requests": [
    {
      "body": {
        "registration": {
          "applicationId": "#{FUSIONAUTH_APPLICATION_ID}",
          "roles": [
            "admin"
          ]
        },
        "user": {
          "email": "#{adminEmail}",
          "password": "#{adminPassword}"
        }
      },
      "method": "POST",
      "url": "/api/user/registration"
    },
    {
      "body": {
        "emailTemplate": {
          "defaultHtmlTemplate": "To change your password use the following token:\n\n<p>changePasswordId=${changePasswordId}</p>",
          "defaultSubject": "Reset your password",
          "defaultTextTemplate": "To change your password use the following token: \n\nchangePasswordId=${changePasswordId}",
          "name": "Forgot Password"
        }
      },
      "method": "POST",
      "url": "/api/email/template/#{forgotPasswordEmailTemplateId}"
    },
    {
      "body": {
        "emailTemplate": {
          "defaultHtmlTemplate": "Your account has been created and you must setup a password. Use the following token to setup your password:\n\n<p>changePasswordId=${changePasswordId}</p>",
          "defaultSubject": "Setup your password",
          "defaultTextTemplate": "Your account has been created and you must setup a password. Use the following token to setup your password: \n\nchangePasswordId=${changePasswordId}",
          "name": "Setup Password"
        }
      },
      "method": "POST",
      "url": "/api/email/template/#{setPasswordEmailTemplateId}"
    },
    {
      "body": {
        "emailTemplate": {
          "defaultHtmlTemplate": "[#if user.verified]\nPro tip, your email has already been verified, but feel free to complete the verification process to verify your verification of your email address.\n[/#if]\n\nTo complete your email verification use the following token:\n\n<p>${verificationId}</p>",
          "defaultSubject": "Verify your email address",
          "defaultTextTemplate": "[#if user.verified]\nPro tip, your email has already been verified, but feel free to complete the verification process to verify your verification of your email address.\n[/#if]\n\nTo complete your email verification use the following token:\n\n${verificationId}",
          "name": "Email Verification"
        }
      },
      "method": "POST",
      "url": "/api/email/template/#{verificationEmailTemplateId}"
    },
    {
      "body": {
        "emailTemplate": {
          "defaultHtmlTemplate": "[#if registration.verified]\nPro tip, your registration has already been verified, but feel free to complete the verification process to verify your verification of your registration.\n[/#if]\n\nTo complete your registration verification use the following token: \n<p>${verificationId}</p>",
          "defaultSubject": "Verify your registration",
          "defaultTextTemplate": "[#if registration.verified]\nPro tip, your registration has already been verified, but feel free to complete the verification process to verify your verification of your registration.\n[/#if]\n\nTo complete your registration verification use the following token: \n\n${verificationId}",
          "name": "Registration Verification"
        }
      },
      "method": "POST",
      "url": "/api/email/template/#{registrationVerificationEmailTemplateId}"
    },
    {
      "body": {
        "tenant": {
          "emailConfiguration": {
            "defaultFromEmail": "#{fromEmail}",
            "defaultFromName": "#{fromName}",
            "forgotPasswordEmailTemplateId": "#{forgotPasswordEmailTemplateId}",
            "host": "#{mailServerHost}",
            "password": "#{mailServerPassword}",
            "port": "#{mailServerPort}",
            "security": "#{mailServerSecurity}",
            "setPasswordEmailTemplateId": "#{setPasswordEmailTemplateId}",
            "username": "#{mailServerUsername}",
            "verificationEmailTemplateId": "#{verificationEmailTemplateId}",
            "verificationStrategy": "FormField",
            "verifyEmail": true,
            "verifyEmailWhenChanged": true
          },
          "issuer": "#{issuer}",
          "name": "Default",
          "userDeletePolicy": {
            "unverified": {
              "enabled": true,
              "numberOfDaysToRetain": 1
            }
          }
        }
      },
      "method": "PATCH",
      "url": "/api/tenant/#{defaultTenantId}"
    },
    {
      "body": {
        "lambda": {
          "body": "function populate(jwt, user, registration) { jwt['#{hasuraClaimsNamespace}'] = { 'x-hasura-allowed-roles': jwt.roles, 'x-hasura-default-role': jwt.roles[0], 'x-hasura-user-id': user.id }; }",
          "debug": true,
          "enabled": true,
          "name": "hasura",
          "type": "JWTPopulate"
        }
      },
      "method": "POST",
      "url": "/api/lambda/#{hasuraLambdaId}"
    }
  ],
  "variables": {
    "adminEmail": "admin@company.com",
    "adminPassword": "my admin password",
    "almightyApiKey": "24114b81-4207-4b02-bcd5-3bbbb91a66e7",
    "defaultTenantId": "9d72d134-464e-4542-a42f-6b0ac602f0d2",
    "forgotPasswordEmailTemplateId": "#{UUID()}",
    "fromEmail": "no-reply@company.com",
    "fromName": "Company",
    "hasuraClaimsNamespace": "https://hasura.io/jwt/claims",
    "hasuraLambdaId": "#{UUID()}",
    "issuer": "company.com",
    "mailServerHost": "smtp-host",
    "mailServerPassword": "smtp-pwd",
    "mailServerPort": 1025,
    "mailServerSecurity": "NONE",
    "mailServerUsername": "smtp-user",
    "registrationVerificationEmailTemplateId": "#{UUID()}",
    "serverlessApiKey": "42f41c94-e41a-492c-891c-c85f2204c639",
    "setPasswordEmailTemplateId": "#{UUID()}",
    "verificationEmailTemplateId": "#{UUID()}"
  }
}

    I have defined a super-user api key:

    49556764-831e-4fd9-b88f-2125136417ec-image.png

    Using that key, with python fusionauth client, I am trying to get all tenants like this:

    response = client.retrieve_tenants()
tenants = response.success_response['tenants']

    I get None tenants. Why? I was expecting to see my default tenant here. Then, if I grab my default tenant id and use it like this:

    request = {
        'tenant': {
            'emailConfiguration': {
            'host': hostname,
            'port': port,
            'username': username,
            'password': password,
            'security': 'SSL' if enable_ssl == 'true' else 'NONE',
        }
    }
}
response = client.update_tenant(tenant_id, request)

    then I get response.status == 405 which is not documented in your documentation. Why do I get that status? How can I update my default tenant's smtp parameters through the API? If I do it through the FusionAuth dashboard, then it works.

    I am working with FusionAuth™ version 1.32.1.

    Thanks in advance for your help!

    L 1 Reply Last reply 14 Apr 2022, 08:59 Reply Quote 0
    • L
      laurent.michel @laurent.michel
      last edited by 14 Apr 2022, 08:59

      If I don't use the python client, but rather do this:

      curl -X PATCH http://my-fusionauth-hostname.com/api/tenant/135ccc5c-17b9-414b-9538-65d77e53a0c0
     -H 'Content-Type: application/json'
     -H 'Accept: application/json'
     -H 'Authorization: CrH00Hgsp1yj1NKyGHGwxS8xKpoJh9gwNcOKful4'
     -d '{ "tenant": { "emailConfiguration": { "host": "smtp-host", "port": 8080, "username": "the-username", "password": "password", "security": "SSL" } } }'

      Then it works.

      L 1 Reply Last reply 14 Apr 2022, 09:03 Reply Quote 0
      • L
        laurent.michel @laurent.michel
        last edited by 14 Apr 2022, 09:03

        If I do

        curl http://docker122445-env-0749025.hidora.com/api/tenant
   -H "Accept: application/json"
   -H 'Authorization: CrH00Hgsp1yj1NKyGHGwxS8xKpoJh9gwNcOKful4'

        then I get my default tenant.

        L 1 Reply Last reply 14 Apr 2022, 09:16 Reply Quote 0
        • L
          laurent.michel @laurent.michel
          last edited by 14 Apr 2022, 09:16

          I was able to gather that

          response = client.retrieve_tenants()
tenants = response.success_response['tenants']

          returns None because I created the fusionauth client like this:

          client = FusionAuthClient(args.api_key, args.api_url)

          with api_url ending with trailing slash. Interestingly,

          response.was_successful()

          is true. I still have no explanation for the other call.

          L 1 Reply Last reply 14 Apr 2022, 09:19 Reply Quote 0
          • L
            laurent.michel @laurent.michel
            last edited by 14 Apr 2022, 09:19

            Without the trailing slash in fusionauth api url, I get a 400 status code for call

            request = {
        'tenant': {
           'emailConfiguration': {
            'host': hostname,
            'port': port,
            'username': username,
            'password': password,
            'security': 'SSL' if enable_ssl == 'true' else 'NONE',
        }
    }
}
response = client.update_tenant(tenant_id, request)

            The printed value of the request variable is

            {'tenant': {'emailConfiguration': {'host': 'my-smtp-host', 'port': 8081, 'username': 'laurent', 'password': '1234', 'security': 'SSL'}}}
            L 1 Reply Last reply 14 Apr 2022, 09:34 Reply Quote 0
            • L
              laurent.michel @laurent.michel
              last edited by 14 Apr 2022, 09:34

              long story short: this works:

              request = {
    'tenant': {
            'emailConfiguration': {
            'host': hostname,
            'port': port,
            'username': username,
            'password': password,
            'security': 'SSL' if enable_ssl == 'true' else 'NONE',
        }
    }
}
headers = {'content-type': 'application/json', 'authorization': api_key}
response = requests.patch(f'{api_url}/api/tenant/{tenant_id}', data=json.dumps(request), headers=headers)

              i.e. I receive status 200, but this doesn't:

              request = {
        'tenant': {
            'emailConfiguration': {
                'host': hostname,
                'port': port,
                'username': username,
                'password': password,
                'security': 'SSL' if enable_ssl == 'true' else 'NONE',
        }
    }
}

response = client.update_tenant(tenant_id, request)

              i.e. I receive status 400.

              danD 1 Reply Last reply 24 Apr 2022, 21:14 Reply Quote 0
              • danD
                dan @laurent.michel
                last edited by 24 Apr 2022, 21:14

                @laurent-michel

                Hmmm.

                I am not super familiar with the requests library, but a patch in general is different from what update_tenant does. Does the 400 happen if you run patch_tenant?

                --
                FusionAuth - Auth for devs, built by devs.
                https://fusionauth.io

                L 2 Replies Last reply 27 Apr 2022, 19:03 Reply Quote 0
                • L
                  laurent.michel @dan
                  last edited by 27 Apr 2022, 19:03

                  @dan hmmm I did not see that method. I'll give a try. I'm pretty sure it will work. Thanks for the hint!

                  1 Reply Last reply Reply Quote 0
                  • L
                    laurent.michel @dan
                    last edited by 28 Apr 2022, 17:53

                    @dan I can confirm it's working as expected. Thanks for your useful advice.

                    danD 1 Reply Last reply 30 Apr 2022, 14:12 Reply Quote 1
                    • danD
                      dan @laurent.michel
                      last edited by 30 Apr 2022, 14:12

                      @laurent-michel Great to hear!

                      --
                      FusionAuth - Auth for devs, built by devs.
                      https://fusionauth.io

                      1 Reply Last reply Reply Quote 0
                      • L laurent.michel has marked this topic as solved on 1 May 2022, 16:23
                      • First post
                        Last post