You could use the skipVerification parameter (set it to true) on the user or registration create statement, and then the https://fusionauth.io/docs/v1/tech/apis/users#resend-verification-email call with sendVerifyEmail set to false.

This would give you a verificationId you could use with this API call: https://fusionauth.io/docs/v1/tech/apis/users#verify-a-users-email

@fusionauth_user, are you using Klemen's schema or did you create your own?

Hiya,

A few questions for you?

What version of FusionAuth are you running?

What step throws the error?

Did you walk through the 5 minute setup guide? That will ensure you have everything configured correctly on the FusionAuth side.

Related GitHub issue with details.
https://github.com/FusionAuth/fusionauth-issues/issues/178

This configuration should be available to you already using the IdP configuration.
https://fusionauth.io/docs/v1/tech/identity-providers/facebook#create-a-facebook-identity-provider

When using the fields and permissions values, can you get the user's first and last name?

You can use the user.data and registration.data fields to store arbitrary key value data.

If the metadata is associated with the user, use user.data. If it is associated with the user's account for a given application, use registration.data.

Note that this field is read/write via the API, but only readable via the administrative UI.

Here are some notes about the limits of these fields: https://fusionauth.io/community/forum/topic/89/how-large-can-the-data-field-be-for-any-of-the-fusionauth-resources

And for the latter option, should I use a webhook for registration events

If you want a separate database, that's the way to do it. Listen for a webhook and create the records then.

Whether you should use the data fields or a separate database depends on what you are trying to do. The data fields are simpler and more tightly tied to the user records. You can also query them, but you'll be writing elasticsearch queries.

If you'd rather write straight SQL or will be storing lots and lots of data about a user (for example, their entire login history for analytics), then a separate database might work better. Of course, that's another system to maintain, so more complexity is the tradeoff.

Looks like another set of bugs:

https://github.com/FusionAuth/fusionauth-issues/issues/839
https://github.com/FusionAuth/fusionauth-issues/issues/840

Sure looks like a bug to me. I was able to replicate.

Filed an issue here: https://github.com/FusionAuth/fusionauth-issues/issues/838 if you want to track it.

I figured it out…. I just had to put state.client_id in parens so it resolved them together.

[#assign clientId = (state.client_id?string)!"dafb6ef6-a2a8-4d34-9d69-59bfed3e31aa" /]

When you re-index, we delete our named index and rebuild it.

You would probably be better off creating your own index.

Hiya,

I'd suggest reading/working through this blog post: https://fusionauth.io/blog/2020/03/10/securely-implement-oauth-in-react

You have to do a couple of things (provide the right scope, pass the correct JWT back to the correct endpoint), and it might be fastest for you to read through that and post any questions you have. (If you aren't comfortable in javascript, please let me know which language you are comfortable in and I'll see if I can dig up an example.)

If you want to add or remove a registration from a user (registrations are how a user is authorized to use an application) you could either allow someone to use the FusionAuth admin screen (possibly with a limited role) or you could use the API to build your own more limited interface.

Here's the API call you would want for this specific use case: https://fusionauth.io/docs/v1/tech/apis/registrations#delete-a-user-registration

There is no supported client library for Delphi.

I'm also not aware of any community supported client library for Delphi.

But here is a post indicating that someone built at least pieces of an integration layer. I'd suggest reaching out to John Kouraklis and seeing if they have any code to share.

It looks like multi match (at least as of 2019) doesn't support wildcards:

[a] multimatch query requires match queries as its internal queries. And a match query doesn't support wildcards.

https://discuss.elastic.co/t/query-with-multimatch-and-wildcard/189962

Can you try with a non wildcard query?

Heya,

JWTs are stateless tokens of identities. If you want a JWT to be revoked after someone has logged out from FusionAuth, you need to tie state back in.

See this article for various options for revoking JWTs: https://fusionauth.io/learn/expert-advice/tokens/revoking-jwts

This is possible. Doing so allows you to weave passwordless into the normal OAuth flow so you can use standard OAuth libraries but not have your user enter a password.

Start the passwordless login on the server side (using the API). Get the passwordless code. Send this url to the client: [FusionAuthURL]/oauth2/passwordless/[passwordlesscode]?redirect_uri=[redirect URI]&response_type=code&client_id=[client_id]. Have the client request this url. It'll be just as if the user had authenticated via the /oauth2/authorize endpoint and the user had entered their credentials. You'll get back an authorization code which can then be exchanged for an access token/JWT.

If you navigate to the Tenant configuration and view the password tab, you should see it as an option in the encryption scheme section.

You can also view the logs during startup and confirm it was registered.

I'm not sure I understand your question. I'd use OIDC for the login form, but the whole point of OAuth (at least the authorization code grant) is that the login process happens at a third party (FusionAuth in this instance).

If you want to have the user login and control the whole process (including your own pages), use the login API, or, if you must use an OAuth grant, the password grant.

Please feel free to give more information about your question, as again, I'm not sure I understood it.

Great to hear!