Topics created by johndoexx

Hiya,

It looks like this use case is documented in the 'Complete the Google Login' section of the API documentation: https://fusionauth.io/docs/v1/tech/apis/identity-providers/google#complete-the-google-login

High level:

Developer does the Google login dance themselves Google returns a token Developer calls the IdP Login API as outlined in the above link.

Hope that helps. I've also filed a PR against the documentation to highlight this functionality.

Heya,

JWTs are stateless tokens of identities. If you want a JWT to be revoked after someone has logged out from FusionAuth, you need to tie state back in.

See this article for various options for revoking JWTs: https://fusionauth.io/learn/expert-advice/tokens/revoking-jwts

I'm not sure I understand your question. I'd use OIDC for the login form, but the whole point of OAuth (at least the authorization code grant) is that the login process happens at a third party (FusionAuth in this instance).

If you want to have the user login and control the whole process (including your own pages), use the login API, or, if you must use an OAuth grant, the password grant.

Please feel free to give more information about your question, as again, I'm not sure I understood it.