Posts made by alimirloohome2
How can I check if user has set password?
I sent many emails to newly registered users to either set their password (if they haven't provided it in our registration form) or only verify their email.
An issue happened with our email service provider and some of the emails were not sent and now I have to check if users already have a password (to only send them a verification email) or if they still haven't set their password (to send them a password set email).
I checked the value of "passwordChangeRequired" field of the users and none of them were true, which I believe it has to be for users who have been sent a password set email but they still haven't set it. Because it is required for them to change their password anyway, otherwise they wouldn't be able to login.
Can anyone help me with this issue?
FusionAuth version: 1.27.2
I tried to validate a JWT access token issued by a FusionAuth server instance in Python with Simple JWT but got the error:
rest_framework_simplejwt.exceptions.TokenError: Token has no type
The library expects a key
token_type(configurable) with a value of
accessin the token's payload but FusionAuth does not include such in its tokens. Does anyone have any idea what's wrong here?
When is `introspect` endpoint needed?
As I have understood, if the issued access token is not of type JWT, then the token's validity must be checked with the FusionAuth server for each user request.
Also saw that even the Python's requests_oauthlib library has not implemented this endpoint in it's OAuth2 session implementation.
So I'm a bit confused whether it's actually necessary to call this endpoint or not. Can anyone explain the protocol a bit?