@troy-squillaci I think you need to set the value of database.root.user.

If that is not set, FusionAuth can't create any tables, which it will try to do if the tables are not set up.

Have you manually bootstrapped your database (that is, run the sql as documented here to create the needed tables)?

@vinicius-campitelli thank you!

@tiny-lamp6590 said in React SDK Example Issue:

I think I am a bit burned out on getting this to run locally, will probably eject the whole thing and retry with a clean start with only changes to the cookie security when I have the bandwidth. Thanks again for your suggestions.

Maybe that would be the best approach to be honest... I just cloned the repository, started the FusionAuth instance with docker compose up in that folder, installed dependencies from client and server and everything works, even with the secure: true (which I think browsers just ignore when running locally).

I tried both Firefox Developer Edition 114 and Chrome 113 and they run fine. Which browser are you running on? Have you tried disabling extensions or going incognito?

image.png

@tiny-lamp6590 Hey folks

As of FusionAuth 1.45, we have something that mimics the express server functionality built into FusionAuth. We call it the 'hosted backend'.

You can see it used here: https://github.com/FusionAuth/fusionauth-example-react-guide

It's documented here: https://fusionauth.io/docs/v1/tech/apis/hosted-backend

But using an express app will give you more flexibility (to choose a different cookie name, or do additional processing during the token exchange).

We are working on a tailwind integration doc so that you can use the same tailwind css between your react app and FusionAuth login pages. Here's the PR for that: https://github.com/FusionAuth/fusionauth-site/pull/2117 (still under review).

Thanks for using FusionAuth!

Note for future folks -

Resolved under this issue https://github.com/FusionAuth/fusionauth-issues/issues/1742

And in version 1.44

https://fusionauth.io/docs/v1/tech/release-notes#version-1-44-0

Apologies for reviving a months-old thread, but I'm new on this forum and I'm hunting for similar info. I came across your post about SSO using the /api/login endpoint in FusionAuth.
From what I've learned recently, the login API doesn't currently support SSO. The hosted login pages, on the other hand, provide a bunch of functionalities, including SSO. So, for now, it seems like using the standard hosted login page is the way to go.

@dvanmil Thanks for the clarification. Currently FusionAuth returns the totalCount as part of the user search results. You could use that, with multiple requests, to build the facet numbers.

@dvanmil I think I answered your question here: https://fusionauth.io/community/forum/topic/2382/elastic-search-facet-search/1

I'm sorry for the moderation that might have caused you to post twice. We have a spam problem so every new poster needs their first post reviewed. Future posts from your account shouldn't be delayed.

If a user is still receiving a SearchEngineRequestFailedException after a system reindex and patching, there could be several reasons for this.

Firstly, the issue may not have been related to the index or patching, but rather a problem with the user's search query or the way they are interacting with the system.

Alternatively, it could be that the reindex and patching process did not fully resolve the underlying issue, and further investigation or troubleshooting is necessary.

It's also possible that there are other technical or environmental factors at play that are causing the exception to continue occurring. In any case, it may be necessary to consult with technical support or seek out additional resources to diagnose and resolve the issue.

Based on the information you have provided, it seems like the issue with your FusionAuth deployment is related to license registration. It's possible that the non-production license you were using is not appropriate for your current usage, and that may be the reason for the message you received.

Regarding your question, deactivating your non-prod license and activating your prod license should not affect your current configurations, users, and permissions. As per the documentation you shared, deactivating a license does not remove any configuration previously saved while the license was active. Therefore, if you activate a new license, all of your previous configurations and settings should still be in place and accessible.

It's always a good idea to take a backup of your current configuration before making any changes, just in case. Additionally, I recommend double-checking with the FusionAuth support team or your Client Service Operations Specialist to confirm that switching to the prod license is the right course of action for your situation.

@boris

FusionAuth doesn't have a native MetaMask integration.

Does MetaMask support OIDC? A brief google doesn't show any options.

FusionAuth may not be the best fit.

But if you would like, feel free to file a feature request: https://github.com/fusionauth/fusionauth-issues/issues with more details.

@georgeandersons241

Hmmm. Can you show the error output? And share what installation method you are using?

Thanks!

@rcdunn

Welcome to the FusionAuth community!

Your base URL depends on where you install FusionAuth.

If you are using FusionAuth cloud, you can pick a base URL (rcdunn.fusionauth.io, for example).

Hope that helps.

Is there anyone using DigitalOcean having/not having such issues? Any clues what else I can do?

@pbholmen I would recommend installing from the .deb files if you are planning to use FusionAuth for production. Fastpath is great for exploring and development.

Java is listening on both ports because 9011 is the external port and 9012 is for internal calls. More details here in the configuration reference: https://fusionauth.io/docs/v1/tech/reference/configuration

@imsurya2442

Thanks for the question.

This may be related https://github.com/FusionAuth/fusionauth-issues/issues/2019. If it is, there is a workaround listed that you could attempt.

Thanks,
Josh

@mvanzyl I would start by upgrading FusionAuth. 🙂

1.7 is quite old (more than 3 years), so most of the docs won't be useful to you.

Can you share how to get FusionAuth upgraded in CapRover?

@brandencaufield

Thanks for providing the overview of the differences between FusionAuth and Auth0. As a FusionAuth employee, I had a few comments to make:

FusionAuth Community is fully open-source,

FusionAuth Community is free to use, but not open source. More here.

Auth0 provides dedicated customer support for their customers, including phone and email support, while FusionAuth Community relies on community support through their GitHub repository and online forums.

This is true, but you can also purchase a support plan for FusionAuth. At the time I'm writing this, if you purchase either Essentials or Enterprise, you get direct engineering support access, up to and including phone support (feel free to contact sales for more details). These also include advanced features.

Here's pricing and more on technical support.

Thank you, this worked.

ok main thing is, is it ok to use header ES256 for jwt created using secp256k1 keys?

https://datatracker.ietf.org/doc/html/rfc8812 says, secp256k1 curve should only be used with ES256k header, but in authfusion even if we give k1 pair keys and then use sign and encode a JWT using EC, it will come as ES256 only, is that okay?

Another doubt is, those jwt (k1 curve keys + ES256) created in authfusion is only able to verify in jose4j with .setRelaxVerificationKeyValidation() //needed if the key is smaller than 256 bits.

Without it we get the error:

JWT processing failed. Additional details: [[17] Unable to process JOSE object (cause: org.jose4j.lang.InvalidKeyException: ES256/SHA256withECDSA expects a key using P-256 but was null):

Description inside setRelaxVerificationKeyValidation :

Bypass the strict checks on the verification key. This might be needed, for example, if the JWT issuer is using 1024-bit RSA keys or HMAC secrets that are too small (smaller than the size of the hash output)

Is it the correct way to validate jwt created using ec in authfusion?