I'd like to update the user data object in the UI. I know I can do it via the API: https://fusionauth.io/docs/v1/tech/apis/users

dan
@dan
Developer Advocate at FusionAuth.
Best posts made by dan
-
Is there a way to update user data in the UI?
-
Can I configure the inactivity timeout of the FusionAuth Session cookie?
I have a quick question about FusionAuth and configuring the inactivity timeout of the session cookie it creates. Specifically... Is it possible?
-
Terraform provider for FusionAuth released
There's now an open source terraform provider available: https://github.com/gpsinsight/terraform-provider-fusionauth
It's also on the registry: https://registry.terraform.io/providers/gpsinsight/fusionauth/latest
-
RE: Block authentication until user is verified?
Is modifying the JWT via a lambda equivalent to accessing the verified property of the user profile?
Within a lambda, you have access to the user and registration properties. So you'd pull the verified property from wherever you wanted and put it into the JWT as a custom claim. Here's a blog post about how that might work. So yes, it is the same data. It's the tradeoff between a bigger JWT and having to make the additional call from your API.
Don't forget that the JWT will live for a while, so if this sequence happens and you use the JWT, you might have a user with a verified email prevented from using the API.
- user registers
- JWT issued, with verified set to false because the user isn't verified.
- User verifies their email
- User visits API, but is denied because the JWT has stale data.
I don't know timelines and how long your JWTs live for, but this is something to consider. Does that answer your question?
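The stale-claim sequence from the post above, as an added example that is not part of the original post or FusionAuth's own code: the API trusts verified=true from the JWT but re-checks verified=false against the source of truth before denying. The HS256 helpers, the key and the `lookup_verified` callable (standing in for a fresh user lookup from your API) are assumptions constructed for illustration; only the `verified` custom claim comes from the post.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-signing-key"  # constructed sample key, not a real secret

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_jwt(claims):
    """Sign an HS256 JWT (stands in for the token whose claims a lambda populated)."""
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    sig = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64(sig)}"

def read_jwt(token, now):
    """Verify algorithm, signature and expiry, then return the claims."""
    head, body, sig = token.split(".")
    if json.loads(_unb64(head)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    want = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(want, _unb64(sig)):
        raise ValueError("bad signature")
    claims = json.loads(_unb64(body))
    if claims["exp"] <= now:
        raise ValueError("expired")
    return claims

def allow_request(token, lookup_verified, now=None):
    """Trust verified=true from the JWT; re-check verified=false at the source."""
    claims = read_jwt(token, time.time() if now is None else now)
    if claims.get("verified") is True:
        return True  # no extra call needed
    # The claim may be stale: the user could have verified after issuance.
    # lookup_verified is a hypothetical callable doing a fresh user lookup.
    return bool(lookup_verified(claims["sub"]))

if __name__ == "__main__":
    # Constructed scenario: token issued before the user verified their email.
    stale = issue_jwt({"sub": "user-1", "verified": False, "exp": time.time() + 3600})
    print(allow_request(stale, lambda sub: True))   # user has since verified
    print(allow_request(stale, lambda sub: False))  # user is still unverified
```

The extra lookup only happens on the deny path, so verified users keep the benefit of the self-contained JWT.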
-
RE: Trouble getting the user object post login
OK, we just released 1.18.8 and that is the version you want to use:
In requirements.txt:
    fusionauth-client==1.18.8
And then this is the call you want to make (with client_id before redirect_uri):
    resp = client.exchange_o_auth_code_for_access_token(request.args.get("code"), client_id, "http://localhost:5000/oauth-callback", client_secret)
-
Seeking users of FusionAuth to take a survey
Heya FusionAuth Users!
Got a minute to share your experience with the FusionAuth platform?
Please take this short Capterra survey.
You'll help improve the software and the first 100 eligible reviewers will get a $20 gift card.
-
New website!
We just released an overhaul of the website: https://fusionauth.io/ which includes a new look for the API docs: https://fusionauth.io/docs/v1/tech/
-
Unable to create a registration using the .NET core client
Hiya,
I'm unable to create a user registration using the .NET client libraries: https://fusionauth.io/docs/v1/tech/client-libraries/netcore
I have verified that the API key is basically a super user. I've verified that I'm sending the registration object. I've tried twiddling different properties (verified, insertInstant) and made sure that the application exists. I've added a user registration to the application manually and it works. Creating a user and setting the userdata works just fine. It just seems like the registration isn't working.
I looked in https://github.com/FusionAuth/fusionauth-netcore-client/issues and https://github.com/FusionAuth/fusionauth-issues/issues but didn't see any relevant issues.
Here's my code so far (you can run it with fusionauth_api_key=<key> dotnet.exe run -- foo@foo5.com bluepass123 blue)
    $ cat usermanager.csproj
    <Project Sdk="Microsoft.NET.Sdk">
      <PropertyGroup>
        <OutputType>Exe</OutputType>
        <TargetFramework>netcoreapp3.1</TargetFramework>
      </PropertyGroup>
      <ItemGroup>
        <PackageReference Include="FusionAuth.Client" Version="1.15.7" />
        <PackageReference Include="JSON.Net" Version="1.0.18" />
      </ItemGroup>
    </Project>
    $ cat Program.cs
    using System;
    using io.fusionauth;
    using io.fusionauth.domain;
    using io.fusionauth.domain.api;
    using System.Collections.Generic;
    using Newtonsoft.Json;
    namespace usermanager
    {
        class Program
        {
            private static readonly string apiKey = Environment.GetEnvironmentVariable("fusionauth_api_key");
            private static readonly string fusionauthURL = "http://localhost:9011";
            private static readonly string tenantId = "66636432-3932-3836-6630-656464383862";
            static void Main(string[] args)
            {
                if (args.Length != 3)
                {
                    Console.WriteLine("Please provide email, password and favorite color.");
                    Environment.Exit(1);
                }
                string email = args[0];
                string password = args[1];
                string favoriteColor = args[2];
                FusionAuthSyncClient client = new FusionAuthSyncClient(apiKey, fusionauthURL, tenantId);
                User userToCreate = new User();
                userToCreate.email = email;
                userToCreate.password = password;
                Dictionary<string, object> data = new Dictionary<string, object>();
                data.Add("favoriteColor", favoriteColor);
                userToCreate.data = data;
                UserRegistration registration = new UserRegistration();
                registration.applicationId = Guid.Parse("4243b56f-0b45-4882-aa23-ac75eea22d22");
                registration.verified = true;
                registration.insertInstant = DateTimeOffset.UtcNow;
                var registrations = new List<UserRegistration>();
                registrations.Add(registration);
                userToCreate.registrations = registrations;
                UserRequest userRequest = new UserRequest();
                userRequest.sendSetPasswordEmail = false;
                userRequest.user = userToCreate;
                string u = JsonConvert.SerializeObject(userRequest);
                Console.WriteLine(u);
                var response = client.CreateUser(null, userRequest);
                string json = JsonConvert.SerializeObject(response);
                Console.WriteLine(json);
                if (response.WasSuccessful())
                {
                    var user = response.successResponse.user;
                    Console.WriteLine("retrieved user with email: " + user.email);
                }
                else if (response.statusCode != 200)
                {
                    var statusCode = response.statusCode;
                    Console.WriteLine("failed with status " + statusCode);
                }
            }
        }
    }
Latest posts made by dan
-
RE: Social login with Flutter App
Just wanted to update. A user opened: https://github.com/FusionAuth/fusionauth-dart-client/issues/7
To clear things up, with a public client like a mobile application, you can't safely store a client secret (it'll be shared among all the native apps and can be found via decompilation).
In this scenario, you should disable Require authentication in the FusionAuth Application configuration and use PKCE to secure communication with the Token endpoint. You can use the exchangeOAuthCodeForAccessTokenUsingPKCE client method to do so. This is also outlined here: https://fusionauth.io/docs/v1/tech/client-libraries/dart/
-
What to consider before choosing an open source auth provider
Interesting perspective from a guest blogger: https://fusionauth.io/blog/2021/04/15/open-source-auth-considerations/
-
RE: Verification email
A user could have a separate email address. For example:
- user signs up for application a, which takes an email address and a password
- user then signs up for application b, which takes a username and password, but has email verification enabled
If that isn't the case, you shouldn't enable email verification, since FusionAuth will have no way of sending the email.
Does that help?
-
RE: missing redirect_uri
@richb201 said in missing redirect_uri:
Thanks Dan. When you say "run a search" on the server, do you mean "try to start passwordless log in and review the error message", if it fails?
I mean use the user search API in your server side code. Sorry if I was unclear. You could do that on a page on your site.
I am not sure how to set up the security with FA with passwordless. How will I keep a user from just going directly to one of my pages anywhere on my site?
Typically you want to have your server side code save off in a session whether the user is logged in or not. Then you can have any of your web application show different messages or protect pages based on that.
Is it a security mistake to allow them to access one of my methods IN MY APP to start passwordless? Should I be handling the passwordless/registration/authentication from a totally different process for security?
I'm not sure what the attack vector is here. The real danger with passwordless is:
- attacker gets access to a user's email account
- attacker intercepts email to user
I don't think what you suggest will help with either of those situations, but if I'm missing something, please let me know.
-
RE: Secure DB Connection with TLS 1.3
Looks like this is fixed in openjdk 15, so will be picked up when we roll that out (no timeline, but we are on 14 now).
-
RE: Null origin issue with SAML callback in OAuth flow
@adam glad you were able to find a workaround.
I am assuming this won't be an issue in production as the SAML callback will be HTTPS -> HTTPS and not HTTPS -> HTTP.
I'm not sure, would need to set up a test environment. If you have a support contract, feel free to open a support ticket for us to do more investigation.
You could also set up a local proxy to have fusionauth be served over HTTPS (examples here) or you could use ngrok or something similar for your testing.
-
RE: metaData supplied to /api/login
I'm not sure I understand your question.
The data is available when you retrieve the refresh tokens using, for example, the /api/jwt/refresh endpoint: https://fusionauth.io/docs/v1/tech/apis/jwt/
This helps you distinguish between different devices for an account, if you need to do so.
See also https://fusionauth.io/community/forum/topic/903/is-it-possible-to-limit-the-number-of-devices-a-user-can-login-with for a discussion of this.
-
RE: Single application for multi tenants
You cannot share FusionAuth applications between tenants, unfortunately. They are a tenant scoped object.
If you want to sync application settings across tenants, you can use a client library or the API to script changes.
Hope that helps!
-
OGGEH Cloud Computing switched to FusionAuth from Gluu
A conversation with @a-abbas: https://fusionauth.io/blog/2021/04/13/oggeh-fusionauth-gluu/
An excerpt:
OGGEH Cloud Computing is the only qualified Progressive Web Application (PWA) Agency by Google Developers in Africa and the MENA region. As well as the only Google Cloud Technology Partner in the Arabian countries! Actual users/customers are always looking for a simple way to manage their content at the backend. Something that does not involve writing mysterious markup like HTML and/or weird shortcodes as most plugins do (for WordPress, Joomla, Drupal, and others).
OGGEH Cloud Platform takes care of complex backend/infrastructure logic for security and scalability.
-
RE: Authentication for an Application with Web Client and Mobile front-ends
I am working on a multi tenant guide. Thank you very much for your feedback; I'll make sure to include it.
As you continue to build out your multi tenant application, please continue to post on the forum about your progress and/or any other questions.
We often hear our multi tenant support is a differentiator for FusionAuth, and would love to make it easy/clearer for everyone.