Disable username and password fields
-
How can I disable the username and password fields for FusionAuth? I only want folks registering and logging in via an identity provider like Google or a SAML provider.
-
As of right now, there's no out of the box way to do this. See this issue for more.
There are two steps to take for a workaround, though.
The first is to modify the theme. For example, to remove the username and password fields on the default theme, you could update the `_input_text` macro in the `helpers` template to look like this, where the `loginId` and `password` fields are intentionally blank.

```
[#macro _input_text type name id autocapitalize autocomplete autocorrect autofocus spellcheck label placeholder leftAddon required tooltip disabled class dateTimeFormat]
  [#if name=="loginId"]
  [#elseif name=="password"]
  [#else]
    [#if label?has_content]
      [#compress]
        <label for="${id}"[#if (fieldMessages[name]![])?size > 0] class="error"[/#if]>${label}[#if required] <span class="required">*</span>[/#if]
          [#if tooltip?has_content]
            <i class="fa fa-info-circle" data-tooltip="${tooltip}"></i>
          [/#if]
        </label>
      [/#compress]
    [/#if]
    [#if leftAddon?has_content]
      <div class="input-addon-group">
        <span class="icon"><i class="fa fa-${leftAddon}"></i></span>
    [/#if]
    [#local value=("((" + name + ")!'')")?eval/]
    <input id="${id}" type="${type}" name="${name}" [#if type != "password"]value="${value}"[/#if] class="${class}" autocapitalize="${autocapitalize}" autocomplete="${autocomplete}" autocorrect="${autocorrect}" spellcheck="${spellcheck}" [#if autofocus]autofocus="autofocus"[/#if] placeholder="${placeholder}" [#if disabled]disabled="disabled"[/#if]/>
    [#if dateTimeFormat != ""]
      <input type="hidden" name="${name}@dateTimeFormat" value="${dateTimeFormat}"/>
    [/#if]
    [#if leftAddon?has_content]
      </div>
    [/#if]
  [/#if]
[/#macro]
```
This will dissuade most folks, but if you want to ensure that no one is logging in except via Identity Providers, or if you are using the Login API and not the hosted login pages, you can use a webhook to make doubly sure.
Look for the `user.create.complete` and `user.login.success` events and when you receive one, use the link API to examine the user to ensure they have at least one link. If they don't, fail the login or deactivate or delete the user, depending on your use case.
Note that your original FusionAuth user won't be using an Identity Provider, so make sure to special case them and anyone else using the FusionAuth admin UI application.
(The reason to use `user.create.complete` rather than fail the transaction is because FusionAuth makes no guarantees about the order of the link creation vs user object creation during the user creation process.)
-
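The webhook check described in the answer above, sketched as an added example that is not part of the original thread or FusionAuth's own code. It assumes the webhook payload carries `event.type`, `event.user` and `event.applicationId`, and that the Link API lookup is `GET /api/identity-provider/link?userId=...`; the names `decide`, `fetch_links` and `sample`, and all sample IDs, are hypothetical.

```python
import json
import urllib.parse
import urllib.request

WATCHED = {"user.create.complete", "user.login.success"}

def fetch_links(base_url, api_key, user_id):
    """Ask the Link API for the user's identity provider links."""
    query = urllib.parse.urlencode({"userId": user_id})
    req = urllib.request.Request(f"{base_url}/api/identity-provider/link?{query}",
                                 headers={"Authorization": api_key})
    with urllib.request.urlopen(req, timeout=5) as resp:
        return json.load(resp).get("identityProviderLinks", [])

def decide(payload, get_links, admin_app_id, exempt_user_ids=frozenset()):
    """Return 'ignore', 'allow' or 'remediate' for one webhook payload.

    get_links(user_id) returns the user's links; in production wrap fetch_links.
    'remediate' means: fail the login, or deactivate or delete the user.
    """
    event = payload.get("event") or {}
    user = event.get("user") or {}
    user_id = user.get("id")
    if event.get("type") not in WATCHED or not user_id:
        return "ignore"
    # Special case: the original admin user and anyone using the admin UI.
    # Assumption: "using the admin UI" = login to, or registration in, that app.
    apps = {r.get("applicationId") for r in user.get("registrations") or []}
    apps.add(event.get("applicationId"))
    if user_id in exempt_user_ids or admin_app_id in apps:
        return "allow"
    return "allow" if get_links(user_id) else "remediate"

# Constructed sample data (not from a real instance).
ADMIN_APP = "00000000-0000-0000-0000-0000000000aa"
LINKS = {"user-google": [{"identityProviderId": "idp-1"}], "user-password": []}

def sample(event_type, user_id, app_id=None, registrations=()):
    event = {"type": event_type,
             "user": {"id": user_id, "registrations": list(registrations)}}
    if app_id:
        event["applicationId"] = app_id
    return {"event": event}

if __name__ == "__main__":
    for uid in ("user-google", "user-password"):
        print(uid, decide(sample("user.login.success", uid), LINKS.get, ADMIN_APP))
```
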
@dan Thanks for this. I've tried your suggestion but the result isn't very pretty. Freemarker templates are a new one on me and once I dig into the default templates, when creating a new advanced theme, it's quite complex enough to begin with!
I am usually the type to prefer more customisation than less but maybe there could be a couple of "cookbooks" or example templates somewhere? It's nice to see some visual examples in the docs but without knowing how to get there, it's a little disheartening.