Is there a way to update user data in the UI?

I'd like to update the user data object in the UI. I know I can do it via the API: https://fusionauth.io/docs/v1/tech/apis/users

https://fusionauth.io/blog/2021/04/01/fusionauth-introduces-simplepass/

I have a quick question about FusionAuth and configuring the inactivity timeout of the session cookie it creates. Specifically... Is it possible?

There's now an open source terraform provider available: https://github.com/gpsinsight/terraform-provider-fusionauth

It's also on the registry: https://registry.terraform.io/providers/gpsinsight/fusionauth/latest

Can you run FusionAuth in Kubernetes?

Is modifying the JWT via a lambda equivalent to accessing the verified property of the user profile?

Within a lambda, you have access to the user and registration properties. So you'd pull the verified property from wherever you wanted and put it into the JWT as a custom claim. Here's a blog post about how that might work.

So yes, it is the same data. It's the tradeoff between a bigger JWT and having to make the additional call from your API.

Don't forget that the JWT will live for a while, so if this sequence happens and you use the JWT, you might have a user with a verified email prevented from using the API.

1. user registers
2. JWT issued, with verified set to false because the user isn't verified.
3. User verifies their email
4. User visits API, but is denied because the JWT has stale data.

I don't know timelines and how long your JWTs live for, but this is something to consider. Does that answer your question?

OK, we just released 1.18.8 and that is the version you want to use:

In requirements.txt:

fusionauth-client==1.18.8

And then this is the call you want to make (with client_id before redirect_uri) :

 resp = client.exchange_o_auth_code_for_access_token(request.args.get("code"), client_id, "http://localhost:5000/oauth-callback", client_secret)

Heya FusionAuth Users!

Got a minute to share your experience with the FusionAuth platform?

Please take this short Capterra survey.

You'll help improve the software and the first 100 eligible reviewers will get a $20 gift card.

We just released an overhaul of the website: https://fusionauth.io/ which includes a new look for the API docs: https://fusionauth.io/docs/v1/tech/

Hiya,

I'm unable to create a user registration using the .NET client libraries: https://fusionauth.io/docs/v1/tech/client-libraries/netcore

I have verified that the API key is basically a super user. I've verified that I'm sending the registration object. I've tried twiddling different properties (verified, insertInstant) and made sure that the application exists. I've added the a user registration to the application manually and it works. Creating a user and setting the userdata works just fine. It just seems like the registration isn't working.

I looked in https://github.com/FusionAuth/fusionauth-netcore-client/issues and https://github.com/FusionAuth/fusionauth-issues/issues but didn't see any relevant issues.

Here's my code so far (you can run it with fusionauth_api_key=<key> dotnet.exe run -- foo@foo5.com bluepass123 blue)

$ cat usermanager.csproj
<Project Sdk="Microsoft.NET.Sdk">

  <PropertyGroup>
    <OutputType>Exe</OutputType>
    <TargetFramework>netcoreapp3.1</TargetFramework>
  </PropertyGroup>

  <ItemGroup>
    <PackageReference Include="FusionAuth.Client" Version="1.15.7" />
    <PackageReference Include="JSON.Net" Version="1.0.18" />
  </ItemGroup>

</Project>

$ cat Program.cs
using System;
using io.fusionauth;
using io.fusionauth.domain;
using io.fusionauth.domain.api;
using System.Collections.Generic;
using Newtonsoft.Json;

namespace usermanager
{
    class Program
    {
        private static readonly string apiKey = Environment.GetEnvironmentVariable("fusionauth_api_key");
        private static readonly string fusionauthURL = "http://localhost:9011";

        private static readonly string tenantId = "66636432-3932-3836-6630-656464383862";
        static void Main(string[] args)
        {
            if (args.Length != 3) {
                Console.WriteLine("Please provide email, password and favorite color.");
                Environment.Exit(1);
            }
            string email= args[0];
            string password = args[1];
            string favoriteColor = args[2];

            FusionAuthSyncClient client = new FusionAuthSyncClient(apiKey, fusionauthURL, tenantId);
            User userToCreate = new User();
            userToCreate.email = email;
            userToCreate.password = password;
            Dictionary<string, object> data = new Dictionary<string, object>();
            data.Add("favoriteColor", favoriteColor);
            userToCreate.data = data;
            UserRegistration registration = new UserRegistration();
            registration.applicationId = Guid.Parse("4243b56f-0b45-4882-aa23-ac75eea22d22");
            registration.verified = true;

            registration.insertInstant = DateTimeOffset.UtcNow;
            var registrations = new List<UserRegistration>();
            registrations.Add(registration);

            userToCreate.registrations = registrations;

            UserRequest userRequest = new UserRequest();
            userRequest.sendSetPasswordEmail = false;
            userRequest.user = userToCreate;
            string u = JsonConvert.SerializeObject(userRequest);
            Console.WriteLine(u);
            var response = client.CreateUser(null, userRequest);
            string json = JsonConvert.SerializeObject(response);
            Console.WriteLine(json);

            if (response.WasSuccessful())
            {
                var user = response.successResponse.user;
                Console.WriteLine("retrieved user with email: "+user.email);
            }
            else if (response.statusCode != 200)
            {
                var statusCode = response.statusCode;
                Console.WriteLine("failed with status "+statusCode);
            }
        }
    }
}

I end up using a docker image of mailcatcher.

I use the default docker-compose.yml, but use this docker-compose.override.yml:

version: '3'

services:
  mailcatcher:
    image: yappabe/mailcatcher
    ports:
      - "1025:1025"
      - "1080:1080"
    networks:
      - mailcatcher

  search:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.8.1
    environment:
      cluster.name: fusionauth
      bootstrap.memory_lock: "true"
      discovery.type: single-node
      FUSIONAUTH_SEARCH_MEMORY: ${FUSIONAUTH_SEARCH_MEMORY}
      ES_JAVA_OPTS: ${ES_JAVA_OPTS}
    # Un-comment to access the search service directly
    # ports:
    #  - 9200:9200
    #  - 9300:9300
    networks:
      - search
    restart: unless-stopped
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - es_data:/usr/share/elasticsearch/data

  fusionauth:
    depends_on:
      - search
      - mailcatcher
    environment:
      SEARCH_SERVERS: http://search:9200
      SEARCH_TYPE: elasticsearch
    networks:
      - mailcatcher
      - search

networks:
  search:
    driver: bridge
  mailcatcher:
    driver: bridge

volumes:
  es_data:

Then I configure the SMTP settings to use the hostname mailcatcher and the port 1025. I can then send email and view it in the mailcatcher interface, at localhost:1080.

Here's the relevant dockerfile: https://github.com/yappabe/docker-mailcatcher/blob/master/Dockerfile

Here's more about mailcatcher: https://mailcatcher.me/

I am using the docker install and want to send email from that for testing purposes. Any suggestions?

I don't know of any way to do this. You can't query on password expiration status. There's no webhook available.

This seems like a great feature request. Please file a github issue with details about your use case: https://github.com/fusionauth/fusionauth-issues/issues

Any options to send notification to user when a password has expired?

The user and registration may have a username field. The username field on the user is the one that can be used to login. In general you will want to use the Search API for those types of queries rather than directly accessing the database.

The reason is because the API is documented and stable, and the database is undocumented and may change.

I want to know what user name has registered to an application but I don't have username in the registration table:

SELECT id FROM fa.user_registrations WHERE username!=null;

This query gives me nothing in the results.

You will need to obtain the default tenantId from the UI.

If you are using kickstart, you have the option to set the default tenantId so that it is predictable.

I am trying to create tenants using the Java API and want to use the default tenant as a baseline.

Is there a way to get the default tenant ID from the client library or do I have to retrieve it from the admin UI manually?

Thanks for filing a github issue as well!

https://github.com/FusionAuth/fusionauth-issues/issues/1227

A duplicate of https://fusionauth.io/community/forum/topic/438/password-complexity-rules

But the easiest way to see this is in the tenant API, since that is where they are configured.

At time of writing, here are the options.