@dan Thank you very much for your answer !
I already use the API sorting features, and it's great ! =D
I just have users that are not technical and that are accessing the UI to get usage statistics. Regarding the deep customization possibilities of fusionAuth, I was surprised not to be able to add/remove columns !

The feature request has been created ! Thanks for suggesting ! https://github.com/FusionAuth/fusionauth-issues/issues/2086

@olly

Hmmm. It seems as though you have self service registration enabled. If this is the case, when an existing user registers for an application, the FusionAuth registration is automatically enabled.

Maybe I don't understand what you are trying to accomplish. Could you explain what you are trying to do?

Thanks @harish_reddy !

Per this comment, this is slated to be fixed under https://github.com/FusionAuth/fusionauth-issues/issues/1894 .

This is planned for 1.43.0, which is the next release.

Thanks.

@g-natsoulis

Hiya, can you explain a little more about what you are looking for? I'm not quite sure what you mean by "an OTP provider for an Exchange server that has ADFS authentication set up?"

@vindhyahegde2114

Hmmm. Haven't run into this before.

The refresh token revocation behavior is documented here: https://fusionauth.io/docs/v1/tech/core-concepts/applications#jwt and here: https://fusionauth.io/docs/v1/tech/core-concepts/tenants#jwt

Can you provide a few more details?

how are you logging the user in what are your refresh token settings for this application What is the what version of FusionAuth are you running

Thanks,
Dan

@fusionauth-0

Hmmm. So you are saying that:

you can connect from the ec2 instance to your postgresql instance. you can connect via the web to the fusionauth instance, but it is stuck in maintenance mode.

Where is the postgresql instance running? Is it on the same ec2 instance as FusionAuth?

What value are you putting for the hostname?

@eduards-celmins It is not built into FusionAuth, but if you use an email provider, they'll often provide such functionality.

Here's information about sendgrid: https://docs.sendgrid.com/ui/analytics-and-reporting/stats-overview

I believe there are similar stats captured for other email providers.

@langnerfrancesco What version of FusionAuth are you using?

What version of postgresql?

@vvicazz That's great news!

IMG_5038.jpg

Hiya! @paterik4

Kickstart is a wrapper over our APIs, so you want the API documentation. There are separate pages for each API endpoint, but the docs are all listed here: https://fusionauth.io/docs/v1/tech/apis/

Hope that helps.

@bharath-yadavally You could absolutely use the 2 step approach you outlined. There are two different approaches that have different strengths and weaknesses.

The tradeoffs are that if you make those two calls, you're depending on the identity provider to be up and available to your backend service. You're tightly coupling the backend service to the identity provider.

That can work fine, but as you scale, more and more backend services will be making those calls, and the idp and speedy connections to it become more and more critical to your application.

Contrast that with the webhook approach, where the data is pushed to every backend service, and only when a user is deactivated. In this case, there'll be far less coupling with the identity provider, at the cost of more complexity on the backend service side.

Hope that helps.

@kushalborda1997 Hiya,

We recently updated the documentation to make it more clear you shouldn't use the /api/jwt/reconcile endpoint for any identity providers except the external JWT provider. We'll change the application to make the error message clearer; here's the tracking issue: https://github.com/FusionAuth/fusionauth-issues/issues/2074

You should use the OIDC provider and the complete login endpoint. Here's documentation that should help: https://fusionauth.io/docs/v1/tech/apis/identity-providers/openid-connect#complete-an-openid-connect-login

Hope that helps!

@didier I'm not sure I understand.

You are saying you want to send the registration email yourself, not automatically with FusionAuth?

(There are two possible verification emails. One is for a user creation, which verifies their email whenever someone creates a user, for any application. Another is for registration verification, which again checks their email but only when someone registers for a certain application.)

If that is the case, use the skipVerification and skipRegistrationVerification settings if using the API. There are analogous settings in the admin UI as well.

More documentation here: https://fusionauth.io/docs/v1/tech/apis/registrations#create-a-user-and-registration-combined

and here: https://fusionauth.io/docs/v1/tech/core-concepts/applications#registration

and here: https://fusionauth.io/docs/v1/tech/core-concepts/tenants#email

@jose-cardenas Hmmm.

Can you tell use anything more?

Are you able to create users with the API?

Have you set up the ingress proxy correctly, making sure you are sending the correct headers. More doc here: https://fusionauth.io/docs/v1/tech/admin-guide/proxy-setup

Did you follow the kubernetes installation guide?

@jesper Sorry to hear about the issues.

Can you try setting the http version, as outlined here:

https://fusionauth.io/community/forum/topic/2254/having-an-issue-with-nginx-in-front-of-fusionauth

@dtokarz1 That's great! Glad you figured it out, and thanks for letting us know.

@alison-rafaelc Hi Alison,

It depends on how you architect the FusionAuth system, but in our FusionAuth cloud system, we see downtime of seconds to minutes for system upgrades (depending on the number of users and the data being migrated). We get this by swapping out one node at a time, running in an 3+ node cluster. Some details here: https://fusionauth.io/docs/v1/tech/installation-guide/cloud#upgrade-duration

Worth noting that you control when you do the upgrade, unlike a typical multi-tenant saas.

We have a number of customers and community members with thousands of tenants and millions of users so the numbers you mention seem fine. I'm glad you were able to stand up a FusionAuth cluster and load test it.

Zero downtime upgrades are something we've discussed internally and have a strategy for, it just hasn't made it onto the roadmap yet.

If you'd like to have a discussion with a technical sales team about FusionAuth and SLAs, I'm happy to have someone reach out to you.

@nlunn Yes, you should be able to do this using one of the newer patch methods. These are unfortunately not available in the client libraries (yet), but can be used with an HTTP request.

More details here: https://fusionauth.io/docs/v1/tech/apis/#the-patch-http-method