Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Categories

Announcements

Announcements regarding our community

Release

89
Topics

135
Posts

A

Join Alex and Lyle as they talk about how FusionAuth converted to Astro!

⏰ Today 3p ET

https://www.youtube.com/watch?v=_WarJu-17ro

town-hall-better-docs-with-astro-v0.10.png
General Discussion

A place to talk about whatever you want

508
Topics

1.7k
Posts

A

Hi,

We currently have four environments: dev, qa, staging, production. We do want separate FusionAuth instances for the lower environments, to avoid any chance of data leakage and also because it enables more isolated testing of configuration changes. The lower-cost hosting options for the lower environments seem like they would work fine.

If we purchase the Essentials plan for our production environment (primarily for HA hosting and support, but we may end up using some of the additional features it includes) - does that plan cover our lower environments as well, or would they need a their own plans? Purchasing 4X plans for one product would put FusionAuth outside of our budget.

Thanks
Comments & Feedback

Got a question? Ask away!

80
Topics

264
Posts

K

Personally cannot help you much since I have not deployed my monorepo on a server to see how FusionAuth behaves 😓 but I think it would be easier for others to assist you and understand it if you could share a reproducible repo or something of that sort.
Blogs

Blog posts from individual members

169
Topics

190
Posts

D

Community blog post: https://medium.com/@rsiva_nitric/fusionauth-as-an-alternative-to-auth0-for-robust-authentication-c8e865be86a1
Q&A

You've got questions? We've got answers.

1.4k
Topics

4.5k
Posts

D

Sure!

This is a case of Third-Party Service Authorization where your application is trying to access data on behalf of users held by another party (Google in this case).

This will require some integration work on your part, but the basic steps are:
Integrate your application with FusionAuth (our quickstarts are a good place to start). Make sure you check the 'keep me signed in' value set, using a hidden field. Set up an Identity Provider. You don't want to use the Google Identity Provider because it doesn't support the prompt URL parameter. Use the OIDC Identity Provider with the prompt parameter set to select_account to let the users pick different accounts, and make sure you set access_type to offline to get a refresh token. More here. Set the Linking strategy to Pending. You'll also need to set up your Google scopes correctly. Based on your question, you'll want to use https://www.googleapis.com/auth/calendar.events.readonly as an additional scope. You'll want to follow the Google Identity Provider instructions insofar as they pertain to navigating the Google Cloud Console. Create an 'connect your account with google' button in your application. This should point to the OIDC Identity Provider. You can use an idp_hint to send the user directly to Google when they click it. After they return from google, having selected their account, they should be logged in to your application. (It's possible with Pending they'll be prompted to login to your application again, but I don't think so. Would have to test.) They'll also have a link that is accessible via the Link API. That link will contain the refresh token in the token field. You can also iterate all the links in your application using one of our client libraries to display to the user which google accounts they have connected.
Now you have connected 1 or more Google accounts to a FusionAuth account.

Next, when you want to retrieve calendar events for your application to process, take these steps:
Call the Links API for the user to retrieve all the links Retrieve the Google refresh token from the token field Get a fresh access token using the Refresh grant Use the access token to retrieve the event data using either the API or a Google SDK. ... profit!
If the refresh token has expired (you don't get back a valid access token), inform the user and have them go through the authorization process again.

Hope this helps.
Jobs

This is the right place to find someone who can help you with FusionAuth projects

13
Topics

15
Posts

D

https://www.upwork.com/freelance-jobs/apply/FusionAuth-NextAuth-application_~01c79f95fdbcb94d61/

Categories

Announcements

General Discussion

Comments & Feedback

Blogs

Q&A

Jobs