Navigation

    FusionAuth
    • Login
    • Search
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    1. Home
    2. Tags
    3. api
    Log in to post
    • All categories
    • E

      404 /api/two-factor/login
      General Discussion • two-factor api • • ethanmcgee

      3
      0
      Votes
      3
      Posts
      139
      Views

      E

      We managed to figure it out. It was a build error where IntelliJ was not updating the dependency. Thanks for the help.

    • M

      error 401 depends on API Key settings
      Comments & Feedback • api authorization settings • • muravyov.alexey

      3
      0
      Votes
      3
      Posts
      436
      Views

      M

      I tried with all HTTP methods enabled for /api/user only, and it update user successfully.
      But if I tried only with GET and PATCH methods enabled for /api/user , I get 'statusCode=401'.
      Here is code

      import { FusionAuthClient, UserRequest } from '@fusionauth/typescript-client' ... export class FusionAuthService { private fusionAuthClient: FusionAuthClient; constructor(private context: Context) { this.fusionAuthClient = new FusionAuthClient(context.config.fusionAuth.apiKey, context.config.fusionAuth.apiUrl); } ... public async updateUser(userId: string, userRequest: UserRequest ) { return this.fusionAuthClient.updateUser(userId, userRequest) .then(clientResponse => { logger.info("User:", JSON.stringify(clientResponse.response.user, null, 2)); }).catch(logger.error); }

      here is invocation of updateUser method that happens on 'user.registration.create' event

      if (user) { const patchBody = { user: { email: event.user.email, data: { userId: user.id } }, } await this.fusionAuthService.updateUser(event.user.id, patchBody); }

      Now I understand that I use updateUser method and I don't know what kind of HTTP request it used.
      I have found patchUser and with it get success.

      Thanks for your help.

    • C

      Import Users; don't error on the existing ones
      Q&A • api import users • • casper

      2
      0
      Votes
      2
      Posts
      182
      Views

      joshua

      Hi @casper!

      Welcome to the community. This is working as designed. The import API is currently designed to only write new records to the database and not check if the record is already duplicated. This is partly for performance reasons. It maybe be possible to write a script to check existing records, and then only import "new" users based on that feedback, but we do not have any current documented cases of this.

      There is an option to get additional information about what is failing on your import.
      https://fusionauth.io/docs/v1/tech/apis/users/#import-users

      validateDbConstraints [Boolean] OPTIONAL Defaults to false Set this value to true in order to perform additional validation of the request. The import request is intended to be used to populate the initial set of users, this means FusionAuth does not expect to find duplicate users in the database. If a duplicate is encountered a 500 will be returned without this additional validation. If you intend to use this API with existing users in FusionAuth set this value to true to request additional validation be performed on the input request and a 400 response will be returned with JSON body indicating the duplicate values encountered. Setting this value to true will dramatically decrease the performance of this request. If importing large numbers of users in a single request you may need to increase request timeouts to ensure this request does not timeout before it has completed.

      I hope this helps,
      Josh

    • D

      Entity - create/update/delete API?
      Q&A • api • • dhait

      2
      0
      Votes
      2
      Posts
      138
      Views

      dan

      We were working on getting it documented and it shipped yesterday. Sorry for the delay!

      https://fusionauth.io/docs/v1/tech/apis/entity-management/ outlines all the relevant APIs, including entity CRUD.

      You might also be interested in the client credentials grant, one of the main use cases:

      configuring entities for the client credentials grant: https://fusionauth.io/docs/v1/tech/oauth/#configure-entities an example client credentials grant: https://fusionauth.io/docs/v1/tech/oauth/#example-client-credentials-grant
    • joshua

      How do I get more results than the default allowed by ElasticSearch?
      General Discussion • elasticsearch users api • • joshua

      2
      0
      Votes
      2
      Posts
      793
      Views

      joshua

      You have a few options.

      Limit Query One option is to find a way to limit your search by logical increments. For example, if you are searching on users you may consider obtaining and appending results by first name in a loop.

      As an example:

      for (letter in [a...z]) { query + " AND user email starts with $letter" // do work } Use Version > 1.24.0 when pulling something like users

      https://fusionauth.io/docs/v1/tech/apis/users/#request-parameters-12

      Request Parameters accurateTotal [Boolean] OPTIONAL Defaults to false AVAILABLE SINCE 1.24.0 Set this value equal to true to receive an accurate hit count on the API response. By default the search engine will limit the hit count to 10,000 users. This means that even if your query may match more than 10,000 users, the returned total count will be 10,000. This is adequate for many use cases such as pagination and general purpose queries. If you are looking for an accurate user count that can exceed 10,000 matches, you will want to set this value equal to true.
    • dan

      Can I create a tenant with the API?
      Q&A • tenant tenants api • • dan

      2
      0
      Votes
      2
      Posts
      130
      Views

      dan

      Yes.

      The only thing you can't create via the API is another API key. You can track that functionality on this issue.

      See the tenant documentation for more.

    • dan

      Can I programmatically provision tenants?
      Q&A • tenants api provisioning • • dan

      2
      0
      Votes
      2
      Posts
      122
      Views

      dan

      Yes. You can use the tenant API or any of the client libraries to created, read, update and delete tenants and all their configuration.

    • dan

      java.lang.NullPointerException when inserting users
      Q&A • exception user management api • • dan

      2
      0
      Votes
      2
      Posts
      254
      Views

      dan

      Version 1.12 is quite an old version. I would recommend upgrading and see if you can recreate the issue.

    • dan

      Unable to connect to the API now
      Q&A • api error • • dan

      2
      0
      Votes
      2
      Posts
      135
      Views

      dan

      Double check that you are calling the precise API URL.

      http://<hostname>/api/login will work, but http://<hostname>//api/login will not. Though some user agents ignore the double //, FusionAuth treats them as two different URLs, and returns HTML which the API client doesn't know how to parse (hence the error message).

    • dan

      Different JWT expiration times based on how they are generated
      Q&A • jwt expiration api oidc • • dan

      2
      0
      Votes
      2
      Posts
      164
      Views

      dan

      The JWT TTL can be configured per application, so if you were using a different application for OIDC vs an API - then you could do it.

      But if you don't want to use multiple applications, then it is not possible, at least currently.

      I could see a use case for asking for a JWT with a TTL equal to or less than the configuration and that request being honored, that could be a feature request. But as of right now, the only option is different applications.

    • dan

      Can I get the OAuth/OIDC endpoints for an application via the API?
      Q&A • oauth oidc endpoint api • • dan

      2
      0
      Votes
      2
      Posts
      128
      Views

      dan

      These are generated in the UI. So the values are not available from the API.

      However you can derive them yourself as well. We just take the URL + /oauth2/authorize?... + redirect_uri etc.

    • dan

      Retrieving all users
      Q&A • users api search • • dan

      2
      0
      Votes
      2
      Posts
      388
      Views

      dan

      From the user search docs, for the database search engine:

      Regular expressions may not be used. A value of * will match all records.

      For the elasticsearch search engine, you are limited to 10,000 records returned due to this bug: https://github.com/FusionAuth/fusionauth-issues/issues/494

      Here's docs on how to switch between them: https://fusionauth.io/docs/v1/tech/tutorials/switch-search-engines

    • dan

      Limit on deleting users
      Q&A • delete users api • • dan

      2
      0
      Votes
      2
      Posts
      120
      Views

      dan

      If you use the request body you should be fine. You can do a lot more than 500 if you like.

      I would start with 5-10k and see how performance is.

    • dan

      Can you register a user to an application at the same time as you create them
      Q&A • registration user api • • dan

      2
      0
      Votes
      2
      Posts
      152
      Views

      dan

      Is this what you are looking for?: https://fusionauth.io/docs/v1/tech/apis/registrations#create-a-user-and-registration-combined

      That API does return a token as of v1.17.0.

    • S

      Best practice for storing additional metadata for users
      Q&A • api saas • • saurabh.sharan1

      2
      0
      Votes
      2
      Posts
      322
      Views

      dan

      You can use the user.data and registration.data fields to store arbitrary key value data.

      If the metadata is associated with the user, use user.data. If it is associated with the user's account for a given application, use registration.data.

      Note that this field is read/write via the API, but only readable via the administrative UI.

      Here are some notes about the limits of these fields: https://fusionauth.io/community/forum/topic/89/how-large-can-the-data-field-be-for-any-of-the-fusionauth-resources

      And for the latter option, should I use a webhook for registration events

      If you want a separate database, that's the way to do it. Listen for a webhook and create the records then.

      Whether you should use the data fields or a separate database depends on what you are trying to do. The data fields are simpler and more tightly tied to the user records. You can also query them, but you'll be writing elasticsearch queries.

      If you'd rather write straight SQL or will be storing lots and lots of data about a user (for example, their entire login history for analytics), then a separate database might work better. Of course, that's another system to maintain, so more complexity is the tradeoff.

    • dan

      Building an admin portal based on FusionAuth
      Q&A • saas admin ui api • • dan

      2
      0
      Votes
      2
      Posts
      126
      Views

      dan

      If you want to add or remove a registration from a user (registrations are how a user is authorized to use an application) you could either allow someone to use the FusionAuth admin screen (possibly with a limited role) or you could use the API to build your own more limited interface.

      Here's the API call you would want for this specific use case: https://fusionauth.io/docs/v1/tech/apis/registrations#delete-a-user-registration

    • dan

      Can you use FusionAuth with GraphQL?
      Q&A • graphql api • • dan

      4
      0
      Votes
      4
      Posts
      1994
      Views

      dan

      @fusionauth_user, are you using Klemen's schema or did you create your own?

    • dan

      My JWKS are always empty
      Q&A • api jwks keys • • dan

      2
      0
      Votes
      2
      Posts
      532
      Views

      dan

      Symmetric keys are not returned on the JWKS endpoint, as they don't have a public key. Per the docs this api:

      returns public keys generated by FusionAuth, used to cryptographically verify JWTs using the JSON Web Key format

      If you create an RSA or EC key which is an asymmetric key pair - the public key will be returned on the JWKS endpoint. If you don’t have any key pairs configured , it will be empty. Out of the box, you’ll only have one HMAC key which we don’t publish in JWKS.

    • dan

      SOLVED Does FusionAuth have a health check endpoint on the API?
      Q&A • health check api • • dan

      5
      0
      Votes
      5
      Posts
      476
      Views

      B

      I see the redirection to /maintenance-mode-silent-configuration-failed if the futhionauth could start because the fusionauth database not reachable.
      cbd73a71-3346-46a7-806d-4afd700dca3c-grafik.png

    • dan

      Can I create an API key via the FusionAuth API?
      Q&A • api api keys • • dan

      2
      0
      Votes
      2
      Posts
      118
      Views

      dan

      There is no way to create API keys from the API.

      You can bootstrap the system with an API key using Kickstart. Kickstart would allow you to create one or more API keys, which can optionally scoped to a tenant. More on Kickstart: https://fusionauth.io/docs/v1/tech/installation-guide/kickstart

      However, this doesn't solve the issue of dynamically creating a tenant scoped API key. If that's a use case for which you need support, please file a github issue: https://github.com/fusionauth/fusionauth-issues with more detail.