I think the way I'd approach this is:
At cutover time:
I get that is an additional complexity, but hopefully that helps.
I have a large number of users. I want to import them into FusionAuth with their password hashes and the accompanying data like the factor.
But my cutover is going to be slow, so I expect some percentage of people to change their password hashes after the import.
So I'd like synchronize any password hashes that changed in the meantime, and then roll out FusionAuth.
I can't re-import password hashes for an existing user, and the User API doesn't let me update passwords hashes, per this closed issue: https://github.com/FusionAuth/fusionauth-issues/issues/348
What would you recommend?
@hvfa At first glance this looks like a domain issue. Can you share an example of how your Authorized redirect URLs and Authorized request origin URLs are set up in relation to the applications. Please feel free to use example domains like https://domain1/ or https://domain2 and so on. It may also be useful to give the other OAuth settings for the applications as well (be sure to redact or obscure and sensitive information).
This is totally possible.
You want to start by understanding FusionAuth passkey setup and the normal flow.
Then, in your application, probably using one of the client libraries, you want to do the following for a user:
The right way to do the latter depends on your application needs (are you okay with a redirect) and whether or not you have at least a starter license.
For reporting on the number of users that have set up passkeys, unfortunately you have to query all your users and then pull the passkey data individually. There's no way to use the elasticsearch syntax to do the query as of yet. There's an open github issue to add that functionality.
I have an application using FusionAuth, and I want to prompt my end users to set up passkeys. Having this authentication method will improve their security and ease their future logins.
I know I can enable passkeys for FusionAuth using the community edition license, but how can I add a prompt in my application code/UI to have them set it up?
@ralph Thanks for following up and sharing!
@ralph Are you getting the same errors? I did see a reference to trying pg_dump vs pg_dumpall. Can you try that and let us know if it works?
@james-hudson You may want to check out this blog post. Hopefully that can help.
@scottw Hopefully, I can get a little time over the next couple of days and see if I can duplicate it. I will let you know if I find anything. Anyone else seeing his behavior?
