FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login
    1. Home
    2. mark.robustelli
    • Profile
    • Following 0
    • Followers 0
    • Topics 16
    • Posts 399
    • Best 25
    • Controversial 0
    • Groups 3

    mark.robustelli

    @mark.robustelli

    26
    Reputation
    43
    Profile views
    399
    Posts
    0
    Followers
    0
    Following
    Joined Last Online

    mark.robustelli Unfollow Follow
    FAQ Posters FusionAuth administrators

    Best posts made by mark.robustelli

    • RE: Implementing GitHub-like "Personal Access Tokens"

      @mou, Is this what you are looking for? https://fusionauth.io/docs/lifecycle/authenticate-users/application-authentication-tokens

      posted in Q&A
      mark.robustelliM
      mark.robustelli
    • RE: Missing data.salution in /ouauth/userinfo which replaces /api/user

      @kiouplidis I found this in the documentation.

      In version 1.50.0 and later, the UserInfo response can be customized with a lambda using the oauthConfiguration.userinfoPopulateLambda value of the application object. See UserInfo populate lambda.

      In FusionAuth, you can add custom data to the oauth2/userinfo endpoint response using a Lambda function. This function can add extra claims to the UserInfo response. Here's an example of a simple Lambda function that adds a few extra claims:

      function populate(userInfo, user, registration, jwt) {
        // Add a new claim named 'favoriteColor' from a custom data attribute on the user
        userInfo.favoriteColor = user.data.favoriteColor;
        // Add a new claim named 'dept' using a custom data attribute on the registration
        userInfo.dept = registration.data.departmentName;
        // Copy a claim named 'applicationId' from the provided JWT
        userInfo.applicationId = jwt.applicationId;
        // Create an event log of type 'Debug' when the lambda has Debug enabled
        console.debug('Added custom claims to the UserInfo response');
      }
      

      In this example, the favoriteColor and dept are custom claims added to the UserInfo response. These claims are derived from the custom data attributes on the user and registration respectively.
      Please note that the Lambda function needs to be assigned to an application in FusionAuth for it to take effect.

      posted in Release
      mark.robustelliM
      mark.robustelli
    • RE: Salesforce error: Id_Token_Error: Missing or invalid iss

      Hello @yuval,
      I'm not very familiar with Salesforce but when taking a look at the guide there is a step that says "Scroll down to the Salesforce Configuration section and open the address from Test-Only Initialization URL in an incognito window.". What do you see when you try that?

      If you are not getting that information, can you please describe in a little more detail what steps you have taken and when you receive the above message about the invalid iss?

      posted in General Discussion
      mark.robustelliM
      mark.robustelli
    • Security Token Signature Key Not Found Exception: IDX10501: Signature validation failed. Unable to match key

      I am running through the Integrate Your .NET 7 Application With FusionAuth quickstart guide and encountered the error listed below.

      I think it has to do with following message in the guide:
      The script set up a RS256 asymmetric signing key. FusionAuth supports this signing algorithm, but doesn't ship with a default key.

      How do I add the required key to FusionAuth?

      Error Message:
      An unhandled exception occurred while processing the request.
      SecurityTokenSignatureKeyNotFoundException: IDX10501: Signature validation failed. Unable to match key:
      kid: '236bb45e-e88c-4f07-87ff-c93d6fb752a2'.
      Number of keys in TokenValidationParameters: '0'.
      Number of keys in Configuration: '0'.
      Exceptions caught:
      ''.
      token: '{"alg":"HS256","typ":"JWT","gty":["authorization_code"],"kid":"236cc45e-e88c-4f07-87ff-c93d6fb752a2"}.{"aud":"236bb45e-e88c-4f07-87ff-c93d6fb752a2","exp":1687312521,"iat":1687308921,"iss":"acme.com","sub":"e5e4a956-0f9d-4bec-9121-dededb20e00f","jti":"ca5d3d30-ef26-4e48-afcb-d5ba670ac2d4","authenticationType":"PING","email":"myemail@email.com","email_verified":true,"at_hash":"ANWNkB4EA34d0cr1A50zQg","c_hash":"eCEeL-bgcDFkzcpmNT5k9g","scope":"openid profile","nonce":"634229057201762476.ZDQ1NzEzZWMtM2M4OS00ODgxLWI3ZmEtNjJhZWY0MzhlOWYzN2I4ODdhNmQtYTI2OS00OTc0LThhOWEtYzc2OGEzYmIzN2M3","sid":"4fe9dcc0-1ce9-4819-a97a-47c38cb730b8","auth_time":1687308921,"tid":"a51e69f7-520b-6860-2d33-d1e12f797af9"}'.

      posted in Q&A
      mark.robustelliM
      mark.robustelli
    • RE: 3rd Party Authentication

      @it-contracts Hello. I am pretty new to FusionAuth, but my understanding is that you are taking the correct steps. I am not aware of a way to do this within a single call.

      Are you simply looking to be more efficient with the calls or is there some reason this workflow will not work for you?

      posted in General Discussion
      mark.robustelliM
      mark.robustelli
    • Using Analytics to Track Registrations

      What is the best way for analytics tracking after a user has successfully registered?

      posted in Q&A
      mark.robustelliM
      mark.robustelli
    • RE: 3rd Party Authentication

      @it-contracts I apologize for misunderstanding your initial question. You and @kash are correct in that by using FusionAuth, it will appear to be one call from your perspective. However, in the background, FusionAuth will still need to make the same amount of calls to the the access token. And another nice thing about using FusionAuth is that you will be able to add other identity providers in the same way.

      posted in General Discussion
      mark.robustelliM
      mark.robustelli
    • Multi-Region Cloud Setup

      Does FustionAuth support multi-region active-active set-up for cloud services?

      posted in Q&A
      mark.robustelliM
      mark.robustelli
    • RE: 3rd Party Authentication

      @it-contracts Can you please share the OAuth settings you have for your application? In the Fusion Auth Admin UI select Applications. Select Edit or view for your application. Share the OAuth and JWT settings. Be sure to remove any sensitive information before posting here.

      posted in General Discussion
      mark.robustelliM
      mark.robustelli
    • RE: Add User to group not working

      @sandesh Thanks for sharing her on the forum. Hope you are able to accomplish your end goal with the APIs.

      posted in Q&A
      mark.robustelliM
      mark.robustelli

    Latest posts made by mark.robustelli

    • RE: Duplicating an application held in 'Tenant1' to 'Tenant2' stays in 'Tenant1'

      @francis-ducharme-0 You may have to parse the json returned from the get and modify a few things. Does the application get created but not work or does the application not get created? I would think you would need to take the relevant parts from the returned application then create the application under a new tenant? Remember you will have to use the new TenantId in the Request Header. If you are not supplying the TenantId, it will use the default.

      On a side note: If you are still interested in a duplicate application across tenant feature in the API, you might want to put a request in.

      posted in Q&A
      mark.robustelliM
      mark.robustelli
    • RE: Doubling of login records

      @sergey_smirnov, it is awesome that you are able to follow and create steps to replicate the issue. To be 100% I'm not sure if this is a bug or a feature request. If FusionAuth is not behaving as you would like it, I would suggest opening an issue on Github. Be sure to include the details and repeatable steps.

      posted in General Discussion
      mark.robustelliM
      mark.robustelli
    • RE: Duplicating an application held in 'Tenant1' to 'Tenant2' stays in 'Tenant1'

      @francis-ducharme-0 Hey, after taking a look, it seems the only way to do it is to get the application you want to use, parse the JSON for the things you want to keep and then format new json for the create. So you can do it, it is just going to take a little extra work. Sorry for the inconvenience.

      I'm not sure exactly what you are trying to accomplish, but have you checked out Universal Applications? A bit more documentation on them is available here.

      posted in Q&A
      mark.robustelliM
      mark.robustelli
    • RE: Duplicating an application held in 'Tenant1' to 'Tenant2' stays in 'Tenant1'

      @francis-ducharme-0 I was unable to tinker with this last week, but didn't want you to think I forgot about it. It is still on my list when I have some availability. Will post if/when I find something.

      posted in Q&A
      mark.robustelliM
      mark.robustelli
    • RE: Migrate users with a salted hash passwords?

      @michaelgaffney278 Is there a reason you would like to keep the existing users on the old hash? It doesn't seem like it. If you would like to rehash all users when they login, please check this out. It talks about rehashing all passwords for a custom hash, but if you select an existing hashing scheme, it should convert it as well. Is this what you are after?

      Screenshot 2025-08-18 at 8.54.18 AM.png

      I would think you could migrate all the existing users with your custom hashing, then at some point switch the hash setting and be where you want.

      I would test this out before trying in production, but it may do the trick.

      posted in General Discussion
      mark.robustelliM
      mark.robustelli
    • RE: How to track user online/offline/idle times in real-time dashboard & reports using Kafka events from auth server

      @d-chinguun-0301 Interesting use case. Once the user has authenticated, FusionAuth doesn't know much about what the user is doing other than to refresh tokens or log out the user. You could put some logic in the application itself that would help you calculate.

      Also, I did come across this post that might give you some ideas too.

      Would love to see some screenshots once you get it up and running!

      posted in General Discussion
      mark.robustelliM
      mark.robustelli
    • RE: Duplicating an application held in 'Tenant1' to 'Tenant2' stays in 'Tenant1'

      @francis-ducharme-0 It looks like you can do it through the AdminUI and generally if you can do it through the AdminUI, you can do it through the APIs. I should have some time later this week to test this out. If anyone else gets a chance to before then, please let us know.

      posted in Q&A
      mark.robustelliM
      mark.robustelli
    • RE: Migration of Fusion Auth hosted (AWS) to GCP

      @lambert-torres You can get support for FusionAuth. Please see the pricing page if you are interested. I'm not sure if this is your exact situation, but you might want to look at this blog post as well.

      posted in Q&A
      mark.robustelliM
      mark.robustelli
    • RE: Using server-side GTM with FusionAuth for Google Ads tracking

      @witard91335 Interesting, how do you see the flow working? What kind of tags are you trying to track though FusionAuth?

      posted in Q&A
      mark.robustelliM
      mark.robustelli
    • RE: Force logout

      @d-chinguun-0301 Have you tried deleting their session from the Admin UI?
      5f6d5b08-3491-4487-9bc0-492ac947a7ec-image.png

      posted in Q&A
      mark.robustelliM
      mark.robustelli