Hard to know exactly what's going on.

I would try creating another tenant and seeing if the same SMTP settings fail. Then I'd try standing up a version with the very latest FusionAuth version and seeing if you see the same behavior.

Also, do you have the same tenant smtp settings? That is under the "advanced" tab, then "smtp settings".

@richb201

The documentation says that this is optional. But not in my case.

Can you elaborate on where you found this in the doc?

The error should say missing "X-FusionAuth-TenantId"

Can you elaborate on this?

When I get back the "code" do I need to manually convert it to a token, or is this done automatically?

You may want to review our OAuth guide. Using a OAuth2 flow, it is common to have two separate endpoints (authorize and token) to obtain access. The "code" is returned from FusionAuth and is used (in conjunction with a few other possible factors) to obtain an access token (in our typescript client, this is the client.exchangeOAuthCodeForAccessTokenUsingPKCE function)

We do have a few tutorials as well, that show this in action (nodeJS tutorial being one of them)

Lastly, for general housekeeping's sake, this thread is getting a bit long, with a few related posts clumped together. For future questions, if the question is unrelated to the posts immediately above, it might be good to open a new thread.

In the next release we plan to add additional options for IdPs for account linking. In this up-coming release you should be able to do things such as:

Use an IdP that only uses usernames (at your own risk) Modify or build an email address using a Lambda for any IdP (at your own risk) Modify or build a username using a Lambda for any IdP (at your own risk) Use an IdP that does not have a username or email address

But if I put these in the application, won't this be a security problem?

If you put them in a javascript app, yes. But if they are in the php application only, then it'll be like a database password. Not really a security issue.

You could also inject them as an environment variable or pull from a secrets manager; however you manage your database credentials, I'd suggest doing the same with the client id/secret.

@maciej-wisniowski That was done when we found that there was a bug in

#FROM fusionauth/fusionauth-app:1.19.4

and we replaced it with:

FROM fusionauth/fusionauth-app:1.19.7

Awesome!

thanks , I will do just that

Best Regards,

Thanks @sjswami , this duplicate ids issue is now resolved in 1.19.7. Appreciate you letting us know about it: https://github.com/FusionAuth/fusionauth-issues/issues/890

solved. I needed to type DELETE.

Thanks awesome @richb201 !

I'm glad you were able to sort it out!

@dan Thank you for your support. Fixing the signature just saved me another couple of hours (also coming from https://fusionauth.io/blog/2020/07/14/django-and-oauth/) ^^

@joseantonio Glad to hear it!

Hi,

Thank you for this i have managed to get past the issue with the database i changed to to postgres SQL and it worked fine, I'm just to figure out if i can ass Exchange 2016 to this application so users are made to get a Auth code before they can logon to exchange.

Thanks,

Related GitHub issue with details.
https://github.com/FusionAuth/fusionauth-issues/issues/178

In case anyone else would like to do the same, I have found a solution which I have detailed here:

https://github.com/FusionAuth/fusionauth-issues/issues/822#issuecomment-680172776

Thanks, that's great to hear!

We have a long term project to overhaul the client libraries but it's on hold for right now. Appreciate the feedback.

I wrote a guide for running fusionauth in a clustered/multi node setup: https://fusionauth.io/docs/v1/tech/installation-guide/cluster/

The bug about the ip addresses being the same (which was only a display bug, not a functionality bug) was also addressed in 1.23.0: https://fusionauth.io/docs/v1/tech/release-notes/#version-1-23-0

@naughtly-keller or @sander

Not sure if one of you were the creator of this?

https://next-auth.js.org/providers/fusionauth

or if not, at the very least I wanted to pass along the additional info that is now available

Thanks,
Josh

@dan

Hello,

I am happy that I got the answer for my doubt by going through the conversation.

thank you so much.

Samo

I'm so glad you solved it!

@sswami said in After Chrome 80+ Cookie Set SameSite=None requires 'Secure' in Android WebView doesn't seem to complete Authorize:

I don't know, if what I am doing is best practice or was there something else I should have done, at least this is working for me as now.

In the blog post I mention, the app uses the react-native-app-auth library, that may be worth investigating as it provides the hooks into the native browser.

This may be worth investigating so you don't have to support your own solution, though of course I'm glad you have it working.

There is another issue, calling /api/logout?global=true&refreshToken={refresh_token} only signs out of the app, but doesn't signout from the FusionAuth completely, making it redirecting back to the App instead of the Login Screen?

You should remove your access tokens in your client when the logout button is pressed. The FusionAuth logout API only removes cookies. This post may be helpful: https://fusionauth.io/community/forum/topic/270/logout-questions