RE: reset fusionauth using the cli

@dan no, I mean to do a reset of the entire fusionauth.
It's ok we worked out the easiest way was dumping the db and letting it all get regenerated. and going from there.

I experimented with the /api/jwt/vend and it does exactly what I need it to do.
creating a temporary JWT using a key saved in keymaster which allows access to all claims (only locked ones were the key life related ones)
solved perfectly.

we currently save the jwt returned after logging in between sessions and use it to allow the user to automatically log back in on its own.
We use the POST /api/jwt/refresh to get a new access token when a user refreshes their page or has opted to "remember me" and allow the app to automatically log in on its own (as long as the saved jwt is valid)
The issue we are runing into though, is the login api provides the user object also, where as the refresh jwt does not.

i Imagine i could just ofc call the retrieve/user api but i wanted to find out if im doing the wrong thing to start with and there is a better way to do what im trying to do (like something as simple as "login with jwt" or something like that)

@dan no, I mean to do a reset of the entire fusionauth.
It's ok we worked out the easiest way was dumping the db and letting it all get regenerated. and going from there.

how can i reset fusionauth using the CLI?
I tried to do it using a kickstart file and it failed, and now i am locked out of the system as the users didnt create correctly.

Is there a way to reset it again using the cli?

I experimented with the /api/jwt/vend and it does exactly what I need it to do.
creating a temporary JWT using a key saved in keymaster which allows access to all claims (only locked ones were the key life related ones)
solved perfectly.

I've been working with v1.29.4
I noticed in v1.30.0 the jwt vending machine api was added.
In the github topic for it, it states that the user defines the entire claim.
Are there any claims that are protected with this?

I'm thinking this might be a solution that I could use to do what I'm trying to do.

Hi,

I'm trying to get fusionauth to be the authentication handler for my system.
I want to be able to use the token generated by fusionauth to be able to log into firebase using firebase.auth().signInWithCustomToken(token)

I have setup my public and private keys correctly and adjusted the require claims in the jwt populate lambda, however there is one thing that is blocking this from being possible now.

fusionauth has 3 claims that are unable to be modified.
exp, iat, sub
https://fusionauth.io/docs/v1/tech/lambdas/jwt-populate/

but firebase requires sub to be the google service account for your project.
https://firebase.google.com/docs/auth/admin/create-custom-tokens

From what I can see, sub in the jwt in fusionauth is the users unique id.

the google requirements provide uid as the unique identifier to be required in the jwt payload.

Is there a way to make fusionauth look for uid in the jwt instead of sub so I can get this to work? Or am I now at an impass?

Does anyone have any suggestions for a better way to do what im trying to do here?