RE: is there a way to get idp userinfo back without login in

Ok i fixed the issue i was having here, when using react-native-app-auth, with github at least, the clientSecret of the application must be present...

But all i am getting back is the fusionAuth access token... which is useless in my case...

invalid_client is what im getting, using github

Can we just skip the login part and just return the userInfo ?

so is that possible?

right now when trying to connect to github for example, i get the error The identity provider was unable to reconcile the email address. An email address is required to complete this request., but i dont care about really logging in the user beyond that point, i just want the userInfo from their idp.

So is there a way to skip the login part after the idp auth and just send back the data?

Or a way to pass the email of the already logged in user to the idp login.

Update: i can use the email in the reconcile workaround, but 1. thats gonna clutter the database with extra users, 2. i get another error, Client authentication missing as Basic Authorization header or credentials in the body (or some combination of them)

@dan said in Malformed request when using idp_hint:

@fusionauth_user

Also, which idp were you trying to hint?

As it happens, with google

And yes to all the questions you asked above

so im trying to use the idp hint but i get the malformed request error.

what am i doing wrong with my url?
..../oauth2/authorize?client_id={clientid}&redirect_uri={redirect uirl}&response_type=code&tenantId={tennantID}&idp_hint={idp_id}

like when i log in with an idp like google, how do i check what data i get back?

yeah, pretty simple really, if you want to try it yourself before my tutorial is out, try using the hasura cloud + Auth0 tutorial on Hasura's site, and use the lessons from that to use it with fusionauth.

Just wanted to bop in here and say that i am working on a FusionAuth + Hasura tutorial

I want to let my users link multiple social media accounts to their's own account so they can import posts/photos from there, or things like that

Im using FA with my graphql api (hasura)

Im in a situation where i want to link multiple providers to a single account and letting FA handle the auth.

Can i do this with just the API, or is it juist not possible?

nah, nvm i thought i had a lead with that but reusing that url from the button doesnt work

@dan yeah i tried it, but then i get to a point where it keeps throwing the error of no/invalid redirect uri, even though i do have it set in the initial parameters

It's unclear to me which type of federated login you are using

I am trying to have my users log in from the react-native app i am building so i can just show them the buttons when they open the app and not have the flow be like:

user opens app > presses login with.. > gets taken to fusionAuth page and has to press login with... (a second time)

So im not sure if i understand it correctly, but i have set up my refreshtoken to be single use only on my applications settings, but i can just keep using the old refresh token to get new access tokens.

Is this right?

I still dont understand where the hurdle is, when the fusionauth page is shown, the buttons obvious have links, how do i generate those links myself? they dont appear magicly and they have a data-identity-provider-id="23d1c45d-83fa-4368-a051-34a2e4cce16b" property, what does that do?

how can we use

FusionAuth.IdentityProvider.Helper.captureState({
      identityProviderId:  button.getDataAttribute('identityProviderId')
    });

For our own apps to generate the proper redirect url ?

@dan i tried using the lookup api, but i have no idea what to input for {domain} i have tried the user email, just the user emails domain but i just keep getting 404, how does that api work?

I dont understand how i can get the providers on my server by using a users email... that doesnt seem right...

digging a bit more i did find it, and had to add the domain to... itself?
anyway, that doesnt directly take the user to the idP either