api/user/registration 401 Nightmare
-
Hi everyone,
Im new and excited to be here, Im a fairly less experienced developer and Im giving FusionAuth a try. I am having an Authentication issue with the GET api/user/registration api, where I cant seem to get Authorization when try to get a users registration. Ive had no issues using the POST api/user/registration to create a registration and user, no issues with the GET api/user endpoints getting the user, but using the same api key and api permissions in super mode I cant get GET api/user/registration to Authorize.
I am supplying the API Key in the header, and the application Id and user Id in the params. Is there something else I missing that I possibly missed in the docs? As you can see in the code below Im calling the /api/user endpoint in the same function using the same Api Key, so I cant work out what It wont except it.
export async function getCurrentUser(email: String, id: String) {
console.log("email:", email);
console.log("id:", id);let userConfig = {
headers: {
"Content-Type": "application/json",
Authorization: window.ENV.FUSIONAUTH_API_KEY,
},
params: { loginId: email },
};try {
const user = await axios.get("http://localhost:9011/api/user", userConfig);
console.log("User_Data", user.data);
if (!user) throw Error;let regConfig = { header: { "Content-Type": "application/json", Authorization: window.ENV.FUSIONAUTH_API_KEY, }, params: { applicationId: window.ENV.FUSIONAUTH_APP_ID, userId: id, }, }; console.log("RegConfig", regConfig); const registration = await axios .get("http://localhost:9011/api/user/registration", regConfig) .then((response) => { console.log("Reg_Data", response.data); const payload = { userData: user.data.user, regData: response.data.registration, }; return payload; }) .catch((error) => { console.log(error); return null; }); return registration;} catch (error) {
console.log(error);
return null;
}
} -
@w0mbatscr1pt I am a little nervous seeing 'window' in your code are you trying to make this call on the client?
-
@w0mbatscr1pt what is your error code coming back?
If you are registering, it should still be a POST
To call the
/api/user/registrationendpoint in FusionAuth to register a user for an application, you would use an HTTP POST request. This endpoint can be used for two purposes:- To create a new user and simultaneously register them for an application (Full Registration).
- To register an existing user for an application.
Here is an example of how you might call the
/api/user/registrationendpoint usingcurlfor a Full Registration:curl -X POST -H 'Authorization: your-api-key' \ -H 'Content-Type: application/json' \ -d '{ "registration": { "applicationId": "application-id", "username": "user@example.com", "preferredLanguages": ["en", "fr"], "timezone": "America/Denver" }, "user": { "email": "user@example.com", "password": "password123" } }' \ 'https://your-fusionauth-domain.com/api/user/registration'Replace
your-api-keywith your actual FusionAuth API key,application-idwith the UUID of the application you are registering the user for, andyour-fusionauth-domain.comwith your FusionAuth domain. The JSON data in the-dflag should be the user and registration information you want to create.For more details on the API and the data you can send, you can refer to the FusionAuth API documentation for creating a user and registration combined: Create a User and Registration (combined) API.
-
Yeah Im just playing around with a remix client, using window.ENV is only temporary and Ill be switching over to using the Express server API shortly. I'm just trying to get my head around the flow and concepts, how to use each Parameter and API call. As mentioned in my initial post, I have no issue calling the POST method for api/user/registration and I am able to successful create a user and a registration. I am also able to GET user using the api/user endpoint. I am trying to figure why I cant see get Authorization when using the GET api/user/registration endpoint. I am trying to get the ROLE parameter response from the api/user/registration.
I am using the same API Key, Same Application ID and I have all API permissions unchecked. Am I missing a header or param field? or is there something else I need to enable in the FusionAuth backend?
Thanks for your help!
-
@alex-patterson The error was just simply 401 Authorized ....
I was also following this guide from the API docs:
Retrieve a User Registration
This API is used to retrieve a single User Registration. This is the information about a User for a single Application.Request
Retrieve a User Registration for the User Id and Application Id
GET/api/user/registration/{userId}/{applicationId}
Request Parameters
applicationId
[UUID]
Required
The Id of the Application that the User is registered for.userId
[UUID]
Required
The Id of the User whose registration is being retrieved.Request Headers
X-FusionAuth-TenantId
[String]
Optional
The unique Id of the tenant used to scope this API request.The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.
Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.
See Making an API request using a Tenant Id for additional information.
Response
The response for this API contains the User Registration.Code Description
200 The request was successful. The response will contain a JSON body.
400 The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.
401 You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.
404 The object you requested doesn't exist. The response will be empty.
500 There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.
503 The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.
Response Body
registration.applicationId
[UUID]
The Id of the Application that this registration is for.registration.authenticationToken
[String]
The authentication token that may be used in place of the User’s password when authenticating against this application represented by this registration.registration.cleanSpeakId
[UUID]
This Id is used by FusionAuth when the User’s username for this registration is sent to CleanSpeak to be moderated (filtered and potentially sent to the approval queue). It is the content Id of the username inside CleanSpeak.registration.data
[Object]
An object that can hold any information about the User for this registration that should be persisted.registration.id
[UUID]
The Id of this registration.registration.insertInstant
[Long]
The instant that this registration was created.registration.lastLoginInstant
[Long]
The instant that the User last logged into the Application for this registration.registration.preferredLanguages
[Array<String>]
An array of locale strings that give, in order, the User’s preferred languages for this registration. These are important for email templates and other localizable text. See Locales.registration.roles
[Array<String>]
The list of roles that the User has for this registration.registration.timezone
[String]
The User’s preferred timezone for this registration. The string will be in an IANA time zone format.registration.tokens
[Map<String,String>]
DEPRECATED
A map that contains tokens returned from identity providers.For example, if this user has authenticated using the Facebook Identity Provider, the Facebook access token will be available in this map, keyed by name Facebook. For an OpenID Connect Identity provider, or other generic providers, if a token is stored it will be keyed by the Identity Provider unique Id.
Removed In 1.28.0
The token returned and stored from the Identity Provider is now stored in the IdP link and is retrievable using the Identity Provider Link API.registration.username
[String]
The username of the User for this Application only.registration.usernameStatus
[String]
The current status of the username. This is used if you are moderating usernames via CleanSpeak. The possible values are:ACTIVE - the username is active
PENDING - the username is pending approval/moderation
REJECTED - the username was rejected during moderation
If a username has been rejected, it is still possible to allow the User to update it and have the new one moderated again.registration.verified
[Boolean]
This value indicates if this User’s registration has been verified.Example Response JSON
{
"registration": {
"applicationId": "10000000-0000-0002-0000-000000000001",
"data": {
"displayName": "Johnny",
"favoriteSports": [
"Football",
"Basketball"
]
},
"id": "00000000-0000-0002-0000-000000000000",
"insertInstant": 1446064706250,
"lastLoginInstant": 1456064601291,
"preferredLanguages": [
"en",
"fr"
],
"roles": [
"user",
"community_helper"
],
"timezone": "America/Chicago",
"username": "johnny123",
"usernameStatus": "ACTIVE",
"verified": true,
"verifiedInstant": 1698772159415
}
}