Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you may not be able to execute some actions.
Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).
Yes. You can use the Authorization Code grant with cookies. Here is a workflow diagram of this: https://fusionauth.io/learn/expert-advice/authentication/webapp/oauth-authorization-code-grant-jwts-refresh-tokens-cookies/
No, this isn't currently possible.
I think that would fall into the threat detection bucket of features we are planning. Feel free to add any notes, comments or suggestions here: https://github.com/FusionAuth/fusionauth-issues/issues/905
A
@dan Thank you for your support. Fixing the signature just saved me another couple of hours (also coming from https://fusionauth.io/blog/2020/07/14/django-and-oauth/) ^^
@chakshu
Sorry, I pointed you to the incorrect setting.
You can go to Applications > FusionAuth > Edit > JWT > Refresh Token duration
Changing that to 1 (the value is in minutes) caused me to be signed out of the admin application after 60 seconds.
Hope that helps.
Looks like your connection to FusionAuth Forum was lost, please wait while we try to reconnect.