@dan Hi Dan - I've added https://github.com/FusionAuth/fusionauth-issues/issues/758 as this looks seperate to me

@dan

Hello,

I am happy that I got the answer for my doubt by going through the conversation.

thank you so much.

Samo

Hiya,

It's hard to know what's going on without a few more details 🙂 ?

Are there any logins or other activity happening? Have you modified any of the default settings? Are you running everything (database, fusionauth, elasticsearch) on the t2.small server?

Hiya,

Wow, those are pretty close to zero! Seems like we could round once it gets to e-50 or something :).

This seems like a usability issue/bug.

Can you please file a github issue?

@adrien-laugueux said in NullPointerException with POST /api/identity-provider/start:

2020-11-02T09:12:47.670831893Z 2020-11-02 9:12:47.670 AM ERROR io.fusionauth.app.primeframework.error.ExceptionExceptionHandler - An unhandled exception was thrown
2020-11-02T09:12:47.670862293Z java.lang.NullPointerException: null
2020-11-02T09:12:47.670866593Z at io.fusionauth.api.service.authentication.SAMLv2IdentityProviderAuthenticationService.start(SAMLv2IdentityProviderAuthenticationService.java:176)
2020-11-02T09:12:47.670870593Z at io.fusionauth.app.action.api.identityProvider.StartAction.post(StartAction.java:61)

Thanks for reporting. This looks to be a bug, moving to GitHub.
https://github.com/FusionAuth/fusionauth-issues/issues/963

As a work around, pass in a dummy data object to the API, for example:

{ "applicationId": "1c212e59-0d0e-6b1a-ad48-f4f92793be32", "identityProviderId": "778985b7-6fd8-414d-acf2-94f18fb7c7e0", "data": { "workaround": true } }

Hiya,

Is this the post to which you are referring? https://stackoverflow.com/questions/58363278/how-to-block-multiple-sessions-on-single-account

I looked through our github issues and didn't see any open or closed issues about this functionality. So I think our current stance is, as the SO answer says:

There are many potential types of limits that could be put in place, such as limiting by IP, device, geographic location, session count, etc that these types of limits may be best solved by a Web Application Firewall (WAF) or some other specialized network security product.

However, we love to hear from users how to improve FusionAuth.

If this is an important issue to you, per our roadmap guidance, if you are a community member, please file a github issue. If you have an edition with support, please open a support ticket.

@pclark okay, thanks. Sometimes there are issues if FusionAuth is underprovisioned; I wonder if that is something you ran into.

I'm glad you found a workaround. If this pops up again, we can try to recreate.

After some further thought, I believe this is working as designed, though I agree this is weird.

When you create a checkbox and provide options, we display each option as a choice.

If you didn't want it to display true or false you could create a messages entry for that field. (In the theme admin section; more here: https://fusionauth.io/blog/2020/09/01/theme-registration-form/ ).

But I agree, I think in general you don't want to use checkboxes with multiple booleans, a select box is a better choice.

Hiya,

Thanks for using FusionAuth. Sorry about the confusion.

There are three ways to do FusionAuth registration:

using the APIs and building your own UX using the basic self service registration with hosted login pages <-- this sounds like what you are looking for using advanced self service registration with hosted login pages (only available with a paid license -- pricing starts at $125/month for this and other premium features)

Here's some starting docs:

An overview of FusionAuth's integration points The theme documentation; theming is how you make the hosted login pages look like your site. The advanced registration guide covers the advanced self service registration, including the differences between advanced and basic self service registration.

Hi @dipesh-soni

We're not able to debug the issues as it is not working on our production server but working fine on our testing server.

Are there any differences between production and test which might cause this? Java versions, FusionAuth versions, OS versions?

That's always where I start when I have two systems that should work the same but do not.

@harish_reddy thanks for letting us know!

I created a PR to fix this and will get it shipped in the next few days.

https://github.com/FusionAuth/fusionauth-site/pull/437

Cheers!

Have you reviewed the license FAQ?

https://fusionauth.io/license-faq/

If your scenario isn't described there, please provide more detail. If you'd prefer to explain over email, please contact us.

@didier-rano

It looks like there are two issues.

The first is that the SAML login lambda runs after the JWT populate lambda (or at the least the order is indeterminate) so your groups aren't being propagated, at least for Azure AD. More concerning to me is the fact that you are only seeing one SAML reconciliation for your user. I would expect that lambda to run every time the user logs in.

These feel like issues to raise on our issues repo, preferably with reproduction steps. I have been trying to find time to replicate it and file the issue, but if you can, that'd be very helpful.

The second is whether we support Enterprise Applications. I don't know if any of the community is using that particular feature. That does make sense why you are not interested in OIDC, however. Do you have a link for the Azure docs on this so I could learn more (I googled for them, but wasn't able to find anything relevant).

@amyers I'm not quite sure what you are suggesting. Are you saying that you'd like information on the user view (in the admin UI) about when a JWT created on login would expire? Or do I misunderstand you?

Thanks for the suggestion @david-oggier - this was previously working, but with some recent licensing changes we had to jiggle the handle to get it working again. All fixed!

Thanks @dan for bringing this up.