FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login
    1. Home
    2. amar.sibia
    3. Topics
    A
    • Profile
    • Following 0
    • Followers 0
    • Topics 4
    • Posts 6
    • Best 1
    • Controversial 0
    • Groups 0

    Topics created by amar.sibia

    • A

      Migration of users without password generation

      Q&A
      • • • amar.sibia
      2
      0
      Votes
      2
      Posts
      513
      Views

      joshuaJ

      @amar-sibia

      We have a general guide that covers migration. This might not solve your immediate problem, but could also offer you some insights as well on a broader scale.

      https://fusionauth.io/docs/v1/tech/guides/migration/#:~:text=Migrate when a user authenticates,user's system of record changes.

      Connectors come to mind for this use case, but I am not 100 percent certain they fit your use case.
      https://fusionauth.io/docs/v1/tech/connectors/

      Or possibly using the user API to ingest from your SAML provider beforehand but setting up dummy passwords (seems less secure, however 🙂 ).
      https://fusionauth.io/docs/v1/tech/apis/users/

      Let me consider this further and I will post back any thoughts.

      Thanks,
      Josh

    • A

      IdentityProvider pop out window

      Q&A
      • • • amar.sibia
      5
      0
      Votes
      5
      Posts
      1.1k
      Views

      danD

      @amar-sibia

      Bummer.

      Suggestions:

      file a bug report with Azure about being able to control the frame header. file a feature request with FusionAuth: https://github.com/fusionauth/fusionauth-issues/issues if the community needs this feature, it'll be voted up and bubble up the priority list. don't run the login window in an iframe 🙂
    • A

      JKU in JWT Header

      Q&A
      • • • amar.sibia
      6
      0
      Votes
      6
      Posts
      2.3k
      Views

      danD

      Updated the JWT populate lambda doc to make it clear that headers aren't modifiable at the present time: https://fusionauth.io/docs/v1/tech/lambdas/jwt-populate/

    • A

      FusionAuth implementation design suggestions

      Q&A
      • • • amar.sibia
      3
      0
      Votes
      3
      Posts
      1.3k
      Views

      danD

      I think @mgetka makes some good points. I'm afraid I don't have enough detail to provide an authoritative answer. From what you've said, I think you could do this with roles, application registrations, groups or even user actions. You could for example, have three different groups of roles (they are just strings, and you can add more than one to a user):

      ... team1_member team2_member ... position1_holder position2_holder ... access_perm_1 access_perm_2 ...

      I guess it also depends on how you want to consume these. Are you going to be looking up the user via FusionAuth API calls? Or will you want this embedded in a JWT for portable claims?

      In the former case (API calls) you can make multiple calls and learn a lot about the user.

      In the latter case, even though you have the JWT populate lambda, it is limited to what is on the user and registration objects.

      So you couldn't, for example, know the group name (though I believe you have the group id) in the lambda, so you couldn't put it in the JWT. More on this issue.