Hi Dan,
Running single node of 1.18.5 on Kubernetes with postgresql on the same VM. We don't see the problem very often so let me get some load testing configured.
David
Hi Dan,
Running single node of 1.18.5 on Kubernetes with postgresql on the same VM. We don't see the problem very often so let me get some load testing configured.
David
Thanks Dan - the manual endpoint configuration did the trick. I put the parameter on the authorization URL.
David
Thanks Dan - the manual endpoint configuration did the trick. I put the parameter on the authorization URL.
David
Afraid not. This isn't an issue of selecting the right IdP for the user or an issue of wanting to skip FusionAuth login screen .
Once control is passed to Google - I need to ensure that Google prompts the user for Google Account selection. I can't have Google assuming that the user wants to authenticate using the active Google Account - it needs to ask.
We have users with multiple google accounts (private and school accounts, for example).
Some users will mistakenly connect on a private account, which isn't registered with us. FusionAuth automatically creates the account, but user doesn't get registered for our apps that way. So we bounce them out, returning them to our splash page.
Then they try to login again and this time they fall into our app, by-passing the Google account selection screen. The wrong Google account is still active and they get bounced. No easy way to get out of this mess, short of going to a Google site in the browser and logging out.
I'm thinking that perhaps we need to always show the Google account selection screen. For the record we aren't using the canned Google IdP but we've created two (managed and unmanaged) using OpenID. Google docs suggest that prompt=select_account can be passed on the OAuth2 authorization URL. Is there a way to specify options that should be used for each IdP? https://developers.google.com/identity/protocols/oauth2/openid-connect#prompt
Okay so if we refocus on the apparent instability of the nodes - how can we check on node startup times to see if the data reported in the About UI is accurate?
@dan do you have any ideas on next step to help figure out what is happening here?
Ugh, somehow I wasn't watching my own thread.
Yes this is deployed on Kubernetes.
On the About screen we have indications that all our nodes are sharing the same IP address. The nodes seem to be restarting at odd times too, unrelated to system load. The start times shown here are Saturday evening and we had zero login activity until my 9:30pm login to generate the screen capture.
Is any of this expected?
Can you share any specific details about the basic cloud option with Sydney as the selected region?
What class / size VM is it on, which database and where is the db hosted? Basic is a single node only? Does 'cloud' create any restrictions in addition to Community edition when self hosted?
We need the custom domain. Our MAU is very low and we are pinching pennies but the basic tier is starting to look attractive.
Hi Dan,
Running single node of 1.18.5 on Kubernetes with postgresql on the same VM. We don't see the problem very often so let me get some load testing configured.
David