I'd like to update the user data object in the UI. I know I can do it via the API: https://fusionauth.io/docs/v1/tech/apis/users
Head of Developer Relations at FusionAuth.
Enjoys ruby, java, php. Finds golang challenging.
Likes the authorization code grant, automation, stories and clear documentation.
Hiker, camper, gardener. Used to have chickens, now just tomato plants.
Best posts made by dan
Can I configure the inactivity timeout of the FusionAuth Session cookie?
I have a quick question about FusionAuth and configuring the inactivity timeout of the session cookie it creates. Specifically... Is it possible?
Terraform provider for FusionAuth released
There's now an open source terraform provider available: https://github.com/gpsinsight/terraform-provider-fusionauth
It's also on the registry: https://registry.terraform.io/providers/gpsinsight/fusionauth/latest
RE: Block authentication until user is verified?
Is modifying the JWT via a lambda equivalent to accessing the verified property of the user profile?
Within a lambda, you have access to the user and registration properties. So you'd pull the
verifiedproperty from wherever you wanted and put it into the JWT as a custom claim. Here's a blog post about how that might work.
So yes, it is the same data. It's the tradeoff between a bigger JWT and having to make the additional call from your API.
Don't forget that the JWT will live for a while, so if this sequence happens and you use the JWT, you might have a user with a verified email prevented from using the API.
- user registers
- JWT issued, with
falsebecause the user isn't verified.
- User verifies their email
- User visits API, but is denied because the JWT has stale data.
I don't know timelines and how long your JWTs live for, but this is something to consider. Does that answer your question?
RE: Trouble getting the user object post login
OK, we just released 1.18.8 and that is the version you want to use:
And then this is the call you want to make (with
resp = client.exchange_o_auth_code_for_access_token(request.args.get("code"), client_id, "http://localhost:5000/oauth-callback", client_secret)
RE: Can I run FusionAuth in Heroku?
There is no official support for Heroku at this time. Follow along on this issue (and vote it up if this is important to you) if you'd like to know when such support happens.
However, there is a community supported project with a "Deploy to Heroku" button. This is provided and tested by a community member.
RE: Error loading mysql backup
I haven't seen that before.
Does this happen in your customized version of FusionAuth (where you've added a few applications and users) or the default version?
From looking at the mysqldump man page, maybe try
You could try loading the schema from the .sql files ( https://fusionauth.io/direct-download/ ) and loading the data separately (that is, exporting with
--no-create-info). Again, that's a wild guess, not sure what the issue is, but some more investigation seems to make sense.
Latest posts made by dan
RE: Disappearing users?
It may be that you have set up your system to remove unverified users after a certain period of time.
To modify this setting, navigate to
Tenants > Edit Your Tenant > Emailthen to the
Email verification settingssection.
In this section, you can change your email verification requirements and durations.
We have had some users disappear from FusionAuth recently.
They were users we created via the API approximately a few weeks ago and in both cases the user had never logged in. I'm wondering if this is a policy or setting that we have turned on somewhere. e.g. "delete users who never log in after X days" or something similar.
RE: How long does FusionAuth cloud provisioning take?
Generally speaking, the provisioning depends greatly on the infrastructure being requested as well as the current demands placed on the underlying cloud infrastructure provider.
For smaller deployments, you can expect a 5 to 10 minute timeline. For a setup more aligned with a high-volume system with large CPU and database capacities, you can expect a provisioning time of 20 to 45 minutes.
RE: Configuration changes when changing editions
If they are on community there is no license. So from community to any paid edition you’d have to enter the license key.
Other than that, no change to the config is required or expected.
If you are changing from a paid edition to community edition, log in to your account at https://account.fusionauth.io and modify the edition. This will render the existing license key inactive.
RE: 1.29 is released
And here's the blog post: https://fusionauth.io/blog/2021/07/23/announcing-fusionauth-1-29/
RE: Enforcing attributes on a user
Apart from email verification, where gating is supported, all of these checks are business logic and need to be performed in your application.
The current solution is to put the value into the JWT as a custom claim using this lambda: https://fusionauth.io/docs/v1/tech/lambdas/jwt-populate/
And then have your application check this when it is verifying claims (as it should do).
There are some open issues on this:
Enforcing attributes on a user
There may be times when you want to enforce certain attributes on a user before your application can proceed. So you want the user to authenticate, but then be 'held up' or sent someplace if they don't meet certain criteria:
- MFA on their account
- A certain age
- Email verified
- Some custom data in their profile filled out
- Consent given
How can this be done with FusionAuth?