RE: How do you make FusionAuth use Public IP on EC2?

Hey If you are running on a VM in AWS its important to do a few things,

Best would be to set up a webserver or loadbalancer to proxy and do SSL termination to your fusionauth instance.

The webserver would run on port 80 and 443, All non SSL requests would need to be redirected to 443. Then you let the webserver proxy and forward all headers to your fusionauth instance on the port where you have fusionauth running.

As for development mode, you can set this with an environment variable on the server check https://fusionauth.io/docs/v1/tech/installation-guide/fusionauth-app/ out for more info on this.

Hope it helps and cheers!

I think we can close this one as we are picking it up in https://fusionauth.io/community/forum/topic/1011/fusionauth-nextauth-refresh-tokens/5

@naughtly-keller Good one,

We are currently building an app on the same stack.

For user management we have written triggers and functions between hasura and fusionauth to keep the userdata in fusionauth up to date, we have also written all login, refresh and create user actions in hasura and functions.

If you want I can take you trough a tour...... and show you how we unified everything behind our Hasura gateway.

There is one issue we are currently working on before our stack is complete. The ability to use organizations. Maybe we can Collab on it and we will gladly share our code with you. @robotdan if @naughtly-keller wants to opensource the stack we are more than willing to contribute. We do have one issue in our implementation tho. And a little inspiration from your side would go a long way.

in our case all user management, syncing, login and other ops are executed by directly talking to our GQL endpoint( Hasura) this is all in working order. But we need to add organizations in the mix. We have an issue finding how we can leverage Fusionauth for this.

Ohh a preview test version of our app is available on https://thisisfashion.tv

@dan I have tried this migration,

There are 2 things that are not working, after migration the data is not in the public schema,

If i mitigate that by renaming public to public_old then the fusionauth schema to public and then delete the obselete schema.

When i fire up Fusionauth it gets stuck in maintenance mode.

We would really like to migrate to Postgres especially considering the new MySQL connector is not part of the docker image anymore.

I think we can close this one as we are picking it up in https://fusionauth.io/community/forum/topic/1011/fusionauth-nextauth-refresh-tokens/5

@dan
Ill give some more info on how we want to do it soon. as in a user story. whatever we come up with i woudl also like to incorporate in the blogpost / repos that we will share with @naughtly-keller.

Long story short would be.

How we solved users:
Create user request ====> graphql ===> azure function ( created user in FA, returns info, uses uuid and email to create user in our hasura DB users table. From the moment of creation of a user in DB, if in our DB something gets changed ( EG name usermane email etc, this request triggers a function to update and sync that change with Fusionauth.

For auth we include and X-hasura-user and role in the JWT. inside of hasura we pull this from the auth header and then a user is allowed to modify things in its own row and read information that goes with the role.

what we want with organizations:
This is fashion has a studio application much like Youtube studio to manage uploads to our platform. on this platform we want organizations to be able to manage their own content ( think brands, and their catwalks, films, shortfilms ) which then will be available for users on our platform to consume.

The prettiest solution would be if we can add an x-hasura-org with an organization UUID to the token. and include the role the user has in the organization as well. We would like handle organization details synchronization in the same way as we do with users at the moment. This way we could let a user switch organizations by changing their token. reason for this is we are planning on using microservices, and this way we can just pass the needed info in headers to those services.

within hasura there would be an organizations table very much like we have our users table now.

@naughtly-keller you can shoot me an email to setup a call and demo if you want sander@thisisfashion.tv

@naughtly-keller Good one,

We are currently building an app on the same stack.

For user management we have written triggers and functions between hasura and fusionauth to keep the userdata in fusionauth up to date, we have also written all login, refresh and create user actions in hasura and functions.

If you want I can take you trough a tour...... and show you how we unified everything behind our Hasura gateway.

There is one issue we are currently working on before our stack is complete. The ability to use organizations. Maybe we can Collab on it and we will gladly share our code with you. @robotdan if @naughtly-keller wants to opensource the stack we are more than willing to contribute. We do have one issue in our implementation tho. And a little inspiration from your side would go a long way.

in our case all user management, syncing, login and other ops are executed by directly talking to our GQL endpoint( Hasura) this is all in working order. But we need to add organizations in the mix. We have an issue finding how we can leverage Fusionauth for this.

Ohh a preview test version of our app is available on https://thisisfashion.tv

Hey If you are running on a VM in AWS its important to do a few things,

Best would be to set up a webserver or loadbalancer to proxy and do SSL termination to your fusionauth instance.

The webserver would run on port 80 and 443, All non SSL requests would need to be redirected to 443. Then you let the webserver proxy and forward all headers to your fusionauth instance on the port where you have fusionauth running.

As for development mode, you can set this with an environment variable on the server check https://fusionauth.io/docs/v1/tech/installation-guide/fusionauth-app/ out for more info on this.

Hope it helps and cheers!

Dear all.

We are building an application based on Fusionauth, Hasura, Nextjs and cloudflare stream. The platform is a Netflix like streaming platform for fashion media. It's built by students for students and aims to be the largest online fashion archive.

In our content management application ( this is fashion studio) currently only This Is Fashion administrators are able to upload content. But we are looking to change this and make our app multi tenant compatible.

In our case we want organizations to be able to manage their brands, and other content. An organization has owners and editors. in turn an organization will be the owner of a content item. These users should be the normal this is fashion user accounts.

We have been reading and reading but are unable to figure out what the best approach is to do this.

• organization owner invites other this is fashion users as editors.
• a user can be a editor/owner of multiple organizations
• a user needs to be able to switch organizations.
• active organization needs to be in the JWT for authentication ( this is what Hasura uses for rights )

I hope someone can point us in the right direction.