@sergey_smirnov hmmm..Ok can we verify this is 100% not user action? Can you add some logging to your application so we can see what a user is clicking or starting a new session? Then we can compare with the logs in FusionAuth.
Group Details
Private
administrators
Member List
-
RE: Doubling of login recordsposted in General Discussion
-
RE: Configure HTTPS with a custom certificate for our domainposted in Q&A
@john-0 If you log into account.fusionauth.io and click on Hosting, you should see your instance listed. From there select Custom URL(s) from the Action drop down. If you do not see those options, you may need other permissions.
-
RE: Configure HTTPS with a custom certificate for our domainposted in Q&A
@john-0 have you been through the documentation for custom domains? Is there something that is not working for you?
-
RE: How to implement magic link login across devicesposted in General Discussion
@njanaskie You are correct in that magic links are designed to be a one time use. I do not know of any work around for your situation.
It will be interesting to see if others chime in.
-
RE: How to get all locked usersposted in General Discussion
@francesgee836 I came across this open issue that may be of use.
If you are using the Elasticsearch search engine:
You can search for users with active:false to find users who are not active, which typically includes locked users.If you are using the database search engine:
You cannot directly filter for locked users in the search API. The workaround is to retrieve all users (using a wildcard search) and then filter for active:false in your application code after retrieving the results.Currently, FusionAuth does not provide a built-in filter specifically for "locked" users distinct from "inactive" users in the API or UI. The active:false filter is the closest available option, and it may include both locked and other inactive users.
-
RE: Doubling of login recordsposted in General Discussion
@sergey_smirnov I was referring to the application level. Try to disable it there and see if you are still getting the double login.
-
RE: Changing the fusionauth logging formatposted in Q&A
Worth re-emphasizing that this voids any warranty you might have from FusionAuth, per the license, exhibit A section 5.1.
You can't get support from FusionAuth if you modify the software.
-
RE: Unable to Obtain Tenant-Signed Access Token for Data-Plane Apps in a Multi-Client, Multi-Application FusionAuth Architectureposted in Q&A
@ezequiel-rebasa If you are just talking about testing, you could just add some data to the Lambda's to see if it works for your needs. This would allow you to test without having to spin up a second Docker instance. If it does work, then you may need to upgrade or figure out if you can use APIs to update the lambdas in the instances with the data you need.
-
RE: Doubling of login recordsposted in General Discussion
@sergey_smirnov If you are not using the JWT, can you disable it in the AdminUI?
-
RE: Step-up authentication trustChallenge/trustToken binding and validation for custom APIsposted in General Discussion
@fernando-hellwig Check out this piece of documentation on Step-Up Authentication when you get a chance. It sounds like what you are referring to.