Is there a way to update user data in the UI?

I'd like to update the user data object in the UI. I know I can do it via the API: https://fusionauth.io/docs/v1/tech/apis/users

https://fusionauth.io/blog/2021/04/01/fusionauth-introduces-simplepass/

I have a quick question about FusionAuth and configuring the inactivity timeout of the session cookie it creates. Specifically... Is it possible?

There's now an open source terraform provider available: https://github.com/gpsinsight/terraform-provider-fusionauth

It's also on the registry: https://registry.terraform.io/providers/gpsinsight/fusionauth/latest

Can you run FusionAuth in Kubernetes?

Is modifying the JWT via a lambda equivalent to accessing the verified property of the user profile?

Within a lambda, you have access to the user and registration properties. So you'd pull the verified property from wherever you wanted and put it into the JWT as a custom claim. Here's a blog post about how that might work.

So yes, it is the same data. It's the tradeoff between a bigger JWT and having to make the additional call from your API.

Don't forget that the JWT will live for a while, so if this sequence happens and you use the JWT, you might have a user with a verified email prevented from using the API.

1. user registers
2. JWT issued, with verified set to false because the user isn't verified.
3. User verifies their email
4. User visits API, but is denied because the JWT has stale data.

I don't know timelines and how long your JWTs live for, but this is something to consider. Does that answer your question?

OK, we just released 1.18.8 and that is the version you want to use:

In requirements.txt:

fusionauth-client==1.18.8

And then this is the call you want to make (with client_id before redirect_uri) :

 resp = client.exchange_o_auth_code_for_access_token(request.args.get("code"), client_id, "http://localhost:5000/oauth-callback", client_secret)

There is no official support for Heroku at this time. Follow along on this issue (and vote it up if this is important to you) if you'd like to know when such support happens.

However, there is a community supported project with a "Deploy to Heroku" button. This is provided and tested by a community member.

I haven't seen that before.

Does this happen in your customized version of FusionAuth (where you've added a few applications and users) or the default version?

From looking at the mysqldump man page, maybe try --hex-blob ?

You could try loading the schema from the .sql files ( https://fusionauth.io/direct-download/ ) and loading the data separately (that is, exporting with --no-create-info ). Again, that's a wild guess, not sure what the issue is, but some more investigation seems to make sense.

Heya FusionAuth Users!

Got a minute to share your experience with the FusionAuth platform?

Please take this short Capterra survey.

You'll help improve the software and the first 100 eligible reviewers will get a $20 gift card.

This is not present at the current time, but you can deploy FusionAuth in as little as 512MB of RAM. So depending on your use case, you could run FusionAuth locally.

If you needed to sync data between the local machine and a central server, the APIs might help.

But in general this is not a use case we've considered.

Feel free to open a feature request with more details about your use case: https://github.com/fusionauth/fusionauth-issues/issues

@harish_reddy

Thanks, I saw the steps to reproduce in the administrative user interface.

I am sorry for being unclear. I was looking for steps to reproduce in the android application.

In particular, I'm unsure where/how you are seeing this behavior:

Then I noticed traffic from android app is getting blocked with

It sounds like:

• you have an application in FusionAuth.
• It was working fine with both a mobile app and a web application
• You then added https://example.com to the application config's authorized origin URL.
• The web application continues to work fine
• The android application now has issues

Is that correct? Or am I missing something?

If it is correct, I want to know more about those issues.

Are you:

• getting error messages
• being prevented from logging in using the android app
• some other behavior

Also, is the android app a webview of the hosted login pages?

Thanks.

Where are you seeing that error message? Can you please provide repro steps?

Thanks!

Yes, you can put anything in the user object that is documented here: https://fusionauth.io/docs/v1/tech/connectors/generic-connector/#using-the-generic-connector

You can return registrations which contain roles as outlined in the sample JSON in the link above.

Hope that helps!

Is this the same as https://fusionauth.io/community/forum/topic/1317/error-after-updating-the-password ? or different?

Please share any logfiles you see (you can go to "System" -> "Logs" in the admin UI to view them).

From other communication, you are running 1.19.7. My suggestions are:

• See if the bug is fixed in a more recent version. You could always test by standing up a copy of your product database, upgrading it, and then seeing if the issue occurs. This would provide more info for us without impacting your production system.
• Look through the detailed release notes to see if we have fixed this bug, upgrade to that specific version: https://fusionauth.io/docs/v1/tech/release-notes/
• If you have a paid support plan, open a ticket: https://account.fusionauth.io/account/support/

We're a small team and try to support everyone to the best of our ability, but supporting versions 10 minor releases behind the current release without a paid support plan is, as I'm sure you can understand, hard for us to do. Please help us by testing it out on the latest version or pursue one of the other options listed above.

Just as an FYI, it is extremely unlikely we will backport a fix to 1.19 (we almost never do that for functionality bugs), so if we found a bug and fixed it, you'd likely have to upgrade.

Thanks for filing this.

Can you provide a few more details (on the bug or here) to talk about why you need to set the origin URL in your mobile app?

Typically you need to set the Authorized redirect URL, but this tutorial, for example, doesn't set the origin URL: https://fusionauth.io/blog/2020/08/19/securing-react-native-with-oauth/

From https://fusionauth.io/docs/v1/tech/core-concepts/applications/

This optional configuration allows you to restrict the origin of an OAuth2 / OpenID Connect grant request. If no origins are registered for this Application, all origins are allowed.

By default FusionAuth will add the X-Frame-Options: DENY HTTP response header to the login pages to keep these pages from being rendered in an iframe. If the request comes from an authorized origin, however, FusionAuth will not add this header to the response. To load FusionAuth hosted login pages in an iframe, you will need to add the request origin to this configuration

With advanced threat detection you can block access to applications via IP ranges (it's touched on briefly here: https://youtu.be/pjGxOXamVfk?t=1209 ).

Advanced threat detection requires an enterprise license. Currently you can't lock a certain user to an IP range, though.

Please feel free to file a feature request with details of this use case if you'd like to see this implemented.

Can you restrict logins from a certain user to a certain IP address range? We have some accounts which are used by staff that have privileged access. Would be ideal to block logging in unless it's from their known IPs.

For example, prevent login for user A unless they are coming from ip 1.2.3.4 but user B can login from any IP?

Tested and verified this works. Feel free to use theme.data to your heart's content, @mmcnamara !