FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login
    1. Home
    2. Popular
    Log in to post
    • All Time
    • Day
    • Week
    • Month
    • All Topics
    • New Topics
    • Watched Topics
    • Unreplied Topics
    • All categories
    • W

      Solved Creating Users Without SMTP: How to Manually Set Passwords in FusionAuth

      Frequently Asked Questions (FAQ)
      • api • • wesley
      2
      0
      Votes
      2
      Posts
      1
      Views

      W

      Yes, you can create a user without SMTP configured. In the Admin UI, disable the Send Setup Password option and set the password manually during user creation. If you’re using the API, set "sendSetPasswordEmail": false and include a "password" field in the user object.

      Users API

    • W

      Solved Safe Upgrade Guide: Moving from FusionAuth 1.54 to 1.59

      Frequently Asked Questions (FAQ)
      • upgrade • • wesley
      2
      0
      Votes
      2
      Posts
      8
      Views

      W

      During an upgrade, FusionAuth monitors your deployment, and if it becomes unresponsive for more than five minutes, the on-call engineer is alerted. A snapshot of the database is taken before the upgrade, so a rollback is possible, though it is manual and would result in data loss from the time of the upgrade to the rollback. Rollbacks are very rare and have only happened once in the past four years.

      You can safely upgrade directly to 1.59, and many customers do skip versions. The upgrade process is straightforward: once started, the deployment status changes to Upgrading and returns to Active when complete. For production instances, downtime is minimal (typically seconds, if at all) because multi-node deployments use rolling upgrades. Most upgrades take under 20 minutes, though in rare cases they can take up to an hour.

      FusionAuth never forces you to upgrade, but if you are running a very old version (1–2 years behind) and encounter issues, support may request that you upgrade before troubleshooting.

      Upgrading a Deployment

    • danD

      Solved Can I do a step up authentication with WebAuthn/passkeys?

      Q&A
      • webauthn passkeys step-up • • dan
      2
      0
      Votes
      2
      Posts
      65
      Views

      danD

      We have an open issue to make passkeys one of the supported MFA methods.

      But you can perform a step up passkey challenge using the APIs or the SDKs by doing the following:

      User tries to access a restricted resource Customer app sees if the user has already been granted access (via the presence of a cookie, or some other mechanism). If they have, let them through. If the user hasn’t been granted access, perform a webauthn assertion workflow Call the /api/webauthn/start to get the workflow started Interact with the authenticator to produce the signature and whatever other information is needed. This is authenticator-specific. Call the /api/webauthn/assert to complete the workflow and prove possession of the authenticator If the workflow is successful Write a cookie or whatever if you want to remember this permission Let the user through If the workflow isn’t successful Deny access

      If someone doesn't have a passkey enabled, which you can check by calling the /api/webauthn?userId={userId} API, direct them to the self-service account management passkey management pages.

      Here are the API docs for the webauthn API.

    • S

      Changes not being applied

      General Discussion
      • • • sspinn
      6
      0
      Votes
      6
      Posts
      2.6k
      Views

      mark.robustelliM

      @benlabbe2007 What version of FusionAuth are you running?

    • E

      Is there away to provide error message data from a webhook via either Webhook or Event logs?

      General Discussion
      • • • edschlough
      1
      0
      Votes
      1
      Posts
      44
      Views

      No one has replied

    • W

      Solved Implementing Phone Number Verification in FusionAuth Without Enabling 2FA

      Frequently Asked Questions (FAQ)
      • mfa • • wesley
      3
      0
      Votes
      3
      Posts
      342
      Views

      P

      We had the same setup - needed phone verification without 2FA in FusionAuth. Ended up using webhooks to trigger an external service. I integrated with sms-verification-number.com via their API because I needed real SIM-based numbers, not VoIP. Chose a Polish operator for a local test, and the code arrived in about 50 seconds. If the SMS hadn’t come through, the system would’ve canceled and pulled a new number automatically - no charge. Since we’re testing across regions, being able to switch countries fast helped avoid delays.