Navigation

    FusionAuth
    • Login
    • Search
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    1. Home
    2. dan
    3. Posts
    • Profile
    • Following 0
    • Followers 9
    • Topics 623
    • Posts 2525
    • Best 181
    • Groups 3

    Posts made by dan

    • RE: Can't use sendSetPasswordEmail when creating a user without user.email

      @gean-ivamoto Hmm. Seems like a good feature request. Can you please file one here: https://github.com/FusionAuth/fusionauth-issues/issues/

      posted in Q&A
      dan
      dan
    • RE: FusionAuth server completely locked up

      @brad Interesting. The error message Connection is not available, request timed out after 155614ms makes me suspicious, but I hear you.

      I'm not familiar with the performance characteristics of Aurora, to be honest. We definitely have some folks running FusionAuth with that as their database, but it isn't typical and is not listed as a supported database.

      You could try tweaking some of the database connection pool settings mentioned here: https://fusionauth.io/docs/reference/configuration

      I'd also suggest googling around to see whether anyone else has issues with Hikari (our connection pool software) and the version/engine of Aurora that you are using.

      Finally, if you have a plan that includes engineering support, I'd encourage you to open a support ticket.

      posted in Comments & Feedback
      dan
      dan
    • RE: FusionAuth server completely locked up

      Hi @brad ,

      From here, it looks like the database was unavailable or FusionAuth ran out of connections.

      @brad said in FusionAuth server completely locked up:

      Caused by: java.sql.SQLTransientConnectionException: HikariPool-1 - Connection is not available, request timed out after 155614ms.

      This can be caused by lambdas or connectors that are too slow to respond or are blocked from responding. It also can happen if FusionAuth is under extreme load and the database is undersized.

      posted in Comments & Feedback
      dan
      dan
    • RE: How can I configure a fusionauth docker image from scrach using only terraform

      @kasir-barati Makes sense. Thanks for the feedback!

      posted in Q&A
      dan
      dan
    • RE: Retrieving Data using FusionAuth API

      @kasir-barati Can you be more specific about your question?

      posted in Q&A
      dan
      dan
    • RE: Restrict issuer when using "External JWT" identity provider

      @whuysentruit

      Sure, we welcome feature requests from the community! Members can upvote them and we review the upvotes when considering future development.

      Here's the GitHub repo to file the issue in: https://github.com/FusionAuth/fusionauth-issues/issues/

      Please feel free to reference this forum post and give as many details as you can. This helps us understand the use case.

      More about our roadmap process: https://fusionauth.io/docs/operate/roadmap/roadmap

      posted in Q&A
      dan
      dan
    • RE: How can I configure a fusionauth docker image from scrach using only terraform

      Hiya @kasir-barati , welcome to the FusionAuth community!

      Is there any kind of docker env or java env to pass to the container while creating it to create the api key automatically while creating container.

      Unfortunately no. You can create a kickstart.json which has a single key. That's the recommended way to bootstrap FusionAuth if you want to manage everything through Terraform afterwards. Because you are correct, you'll need an API key.

      We have a terraform guide we're about to publish, but you can view it here: https://github.com/FusionAuth/fusionauth-site/pull/2323/files . That is not fully reviewed, but should still be helpful to read.

      Can you explain why you don't want to use Kickstart at all?

      posted in Q&A
      dan
      dan
    • RE: How to Resolve `Error: FUSIONAUTH_ISSUERmissing in environment variables.`?

      @jswgger007 Hmmm. That's weird.

      What happens if you put console.log(process.env.FUSIONAUTH_ISSUER); right a t the top of the file?

      Seems like the environment variable isn't being picked up for some reason.

      What type of system are you using (windows, mac, linux, etc)?

      posted in Q&A
      dan
      dan
    • RE: isAuthenticated and isLoading from useFusionAuth() is always false

      @lambio hmmm. That code value changing seems to indicate that the authorization code grant isn't completing. This might cause the behavior you are seeing (because the tokens never get stored in the browser).

      Are you running both systems on localhost? Are you using docker?

      Sharing a bit more about what the system looks like would be helpful.

      Another thing you can do is enable debugging in your fusionauth application configuration (go to the admin panel, edit your application, enable debugging) and then viewing the event log (go to system -> event log) as you try a login. That might be helpful info to share as well.

      posted in Q&A
      dan
      dan
    • RE: 504 webhook errors in the Event Log without webhooks defined

      Thanks @daniel-lohse.

      This additional info would be helpful:

      • Type and version of your database
      • Any negative issues you see, unless this is only a worrisome event log entry
      • Any behavior you see that triggers these (if you have replication steps)

      And I can file an issue.

      posted in Q&A
      dan
      dan
    • RE: Error 403 with Nginx in front

      @mark Awesome!

      posted in Q&A
      dan
      dan
    • RE: Docker - Unable to create api key - buffer overflow

      @j-smutek Hmm. 512 MB should be fine for typical usage.

      Do you have a large number of applications or tenants or webhooks or keys or anything else? Or is this a pretty standard config?

      I'm glad you were able to get the API key created. That is a weird error I've never seen before.

      posted in Q&A
      dan
      dan
    • RE: How do we authenticate on many custom domains for our multi-tenant SaaS?

      @jarrod

      Do we whitelist a large amount of callback URLs?

      This would work. We have tested with a couple of thousand different URLs.

      Do we create an Application per custom domain? (Does this mean we have to sync users?)

      This would work too. You won't have to sync users, but you would have to add registration for each application a user is supposed to have access to. Then you provide a different client id for each subdomain (using a mapping maintained in your database).

      Do we redirect to the main app and perform some kind of sidechannel/backchannel SSO iframe magic? 😖

      I'd avoid this if at all possible.

      This might be helpful reading for you: https://fusionauth.io/docs/get-started/core-concepts/users#segmenting-users if you haven't seen it yet.

      but we can migrate to the concepts in FusionAuth if that's required.

      Not required, but may be helpful. The question I always ask when discussing this is "would a user who is going to subdomain.theirdomain.com be unpleasantly surprised if they had the same credentials there as they do at the account at subdomain2.anotherdomain.com"? If so, tenants are a good fit. If not, keep things simpler and use one tenant.

      posted in Q&A
      dan
      dan
    • RE: Is it possible to mix hosted and self-created login pages

      @joseantonio you'd have to re-authenticate with the hosted login pages. Custom login pages don't set the FusionAuth single sign-on cookie.

      There is an open github issues about this: https://github.com/FusionAuth/fusionauth-issues/issues/1515

      posted in Q&A
      dan
      dan
    • RE: 504 webhook errors in the Event Log without webhooks defined

      Hmmm. I think this might be related to some internal webhooks FusionAuth uses to sync data between nodes. See for example https://github.com/FusionAuth/fusionauth-issues/issues/2257

      Are you running multiple nodes or one node? Any other details you can share about your platform?

      posted in Q&A
      dan
      dan
    • RE: Restrict issuer when using "External JWT" identity provider

      @whuysentruit

      Hmmm.

      One option to explore would be using a custom lambda for each IdP, and setting an custom value (iss_unexpected) on the user/registration if the issuer is not what you expect. Then you could pull the value from the user/registration and set it in the JWT issued by FusionAuth, and have your application check it.

      I don't see any way to accomplish this using the standard options.

      posted in Q&A
      dan
      dan
    • RE: Meme thread

      h74frvvu1owb1.png

      posted in General Discussion
      dan
      dan
    • RE: Docker - Unable to create api key - buffer overflow

      @j-smutek Hmmm. Can you try it without using your SSL certificates and see if the same issue occurs?

      posted in Q&A
      dan
      dan
    • RE: Integrate With Keystone 6?

      @mjthakur413 Great, let us know how it goes.

      posted in Q&A
      dan
      dan
    • RE: 403 on angular redirection to loging page

      @david-gonzalez Yes, you can do all of that. Providing centralized authentication is what FusionAuth offers.

      If you want an SLA, you'll need an enterprise plan. You can learn more on our licensing FAQ page about SLAs.

      If you'd like to discuss your needs with a technical sales person, you can also contact us.

      posted in General Discussion
      dan
      dan