Topics created by trevorr

@trevorr said in Duplicate port number in Google IdP redirect:

It appears I was running an old version locally (1.30.2). This issue has been fixed as of at least 1.41.2.

@trevorr said in Password change deletes sessions?:

If possible in the future, it would be great to be able to control that per-password change. It's the right behavior for changing a potentially compromised password, but not for setting an initial password. Of course, my app could also revoke the refresh tokens explicitly.

Makes sense. Please feel free to open an GitHub issue outlining your use case: https://github.com/fusionauth/fusionauth-issues/issues

Hi @trevorr,

I can't say that we have an out-of-box solution for you on this directly. If you would like to submit a feature request fully outlining your use case, we could have our dev team review it.

I have a couple of other thoughts:

we want to send email from our marketing platform for consistent tracking

Remember that you have the ability to augment the user object with custom data (User API -- user.data field). Some of this data could be a tracking code that links back to your marketing platform, for instance.

we want a consistent look and feel in the password setting UI (simulating Material UI in a FA theme seems infeasible),

FreeMarker templating does accept HTML and other modern inputs to allow you to custom craft a landing page that meets your brand requirements (You can check out some examples of exactly this, here). Anecdotally, I have heard of some customers that use services such as MailChimp/ContantContact/Drip to create templates and then import them into FreeMarker. It is outside of my domain expertise, but it seems this is done often enough.

c) FusionAuth doesn't seem to have a way to send the user into our app after they set a password.

This is possible but would require some additional javascript code. See Here

Webhooks are also a powerful tool within FusionAuth to notify when certain other user actions occur. API documentation here

If anything else comes to mind, I will post back here! I hope this helps!

Thanks,
Josh

@md-tanveeraj Can you confirm how you are intergrating Google?

The two most common implementations of Google + FusionAuth are via the hosted pages (where you have FusionAuth display a login with google - https://fusionauth.io/docs/v1/tech/identity-providers/google) or via writing your own login page and Google integration (login with google via API - https://fusionauth.io/docs/v1/tech/apis/identity-providers/google#complete-the-google-login)

I might need some more context to be able to provide additional assistance.

Thanks,
Josh

@trevorr said in Is it possible to create a user without a password?:

Would changing this be a reasonable feature request?

Sure, seems reasonable to me.

I'm not quite sure of the ramifications because the identity providers are assigned at the application level and users are a tenant scoped entity, but I suppose you could just say that any user marked with a 'nolocalpassword' attribute would not be able to ever log in locally. They'd always have to be authenticated by a third party system. I haven't thought through all the ramifications but think this would be a fine feature request. Please file away 🙂 : https://github.com/fusionauth/fusionauth-issues/issues

Note that the random password example in that other thread might fail sporadically because there's no guarantee that a base-64 string will contain a "special character".

Maybe I misunderstand you here, but that's a matter of the password rules and the random string generation, correct? You could set up random long strings and make sure they included non alphanumeric characters. Should be a library for that (here's one for java). Or you could relax your password rules to allow for only alphanumeric characters (this may or not make sense, depending on what kind of users you have logging into the tenant).

We've added some documentation about no downtime upgrades in FusionAuth cloud: https://fusionauth.io/docs/v1/tech/installation-guide/cloud#upgrade-duration

If you are self-hosting, we recommend running in a cluster and you should be able to have upgrade downtime similar to what FusionAuth cloud has.

@dan Thanks so much for the followup! For now, I'll work around the issue with a read/merge/write on the client.