FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login
    1. Home
    2. andres.garcia
    3. Topics
    A
    • Profile
    • Following 0
    • Followers 0
    • Topics 4
    • Posts 6
    • Best 2
    • Controversial 0
    • Groups 0

    Topics created by andres.garcia

    • A

      Unsolved Extend SSO session

      Q&A
      • • • andres.garcia
      2
      1
      Votes
      2
      Posts
      3.9k
      Views

      danD

      @andres-garcia Do you mean for a given user? Or in general?

      In general, you want to set the Tenant Session Timeout setting: https://fusionauth.io/docs/v1/tech/core-concepts/tenants#oauth

      I believe that redirecting the user to the FusionAuth authorize url will extend the session (and the doc above implies it: The length of time an SSO session can be inactive before it is closed.).

      I'd have to test that behavior.

      Have you tried it?

    • A

      NameIDPolicy Transient

      General Discussion
      • • • andres.garcia
      3
      0
      Votes
      3
      Posts
      1.5k
      Views

      danD

      @andres-garcia Sorry for the late response, kinda slammed.

      https://fusionauth.io/docs/v1/tech/samlv2/#limitations says

      FusionAuth supports only the following NameIDPolicy values:

      urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress urn:oasis:names:tc:SAML:2.0:nameid-format:persistent urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified

      So it seems like that isn't supported. Please feel free to file an issue https://github.com/fusionauth/fusionauth-issues/issues referencing this forum post and explaining you'd like this new NameIDPolicy value to be supported.

      If you are a customer with a support contract, it's helpful if you file a support ticket as well. This helps us prioritize future work.

    • A

      Unsolved Update connectorId on User?

      Q&A
      • • • andres.garcia
      4
      0
      Votes
      4
      Posts
      1.5k
      Views

      joshuaJ

      @andres-garcia

      I might lack a bit of context, but I think that

      user is already created on FusionAuth

      You do have the option to choose how FusionAuth will look for users on the tenant (more in the documentation). So you might have FusionAuth look for your user in an external LDAP connector, firstly, for instance.

      So I was trying to do it that way because I can't provision the service async using the webhooks.

      Is this a limitation of your architecture/design or a limitation you are finding within FusionAuth

      Thanks,
      Josh
      FusionAuth

    • A

      SSO via /api/login

      General Discussion
      • • • andres.garcia
      3
      1
      Votes
      3
      Posts
      3.2k
      Views

      S

      Apologies for reviving a months-old thread, but I'm new on this forum and I'm hunting for similar info. I came across your post about SSO using the /api/login endpoint in FusionAuth.
      From what I've learned recently, the login API doesn't currently support SSO. The hosted login pages, on the other hand, provide a bunch of functionalities, including SSO. So, for now, it seems like using the standard hosted login page is the way to go.