My bad, I was misconfiguring my FusionAuth instance and at the same time banging my head against a brick wall.
So who answered my question? FusionAuth Docs AI.
The iss or issuer claim in FusionAuth is a URL that identifies the principal that issued the JWT. The issuer claim is a case-sensitive string containing a string or URI value. The processing of this claim is generally application-specific.
In FusionAuth, the issuer claim can be set in two ways:
1. You can set it in the tenant configuration, where it will apply for all JWTs issued for that tenant. You can modify this by navigating to "Tenants", then your tenant, then "General". Here, you can modify the "Issuer" field value.
2. You can set it at the individual JWT level by modifying the JWT populate lambda. You would do this if you wanted to have a different issuer based on some information from the user or registration data.
The issuer claim is typically set to the URL of your FusionAuth instance. For example, https://local.fusionauth.io or http://localhost:9011. The choice between http and https depends on whether your FusionAuth instance is set up to use SSL or not. If it is, then https should be used. If not, http can be used.
In the case of https://localhost:9011, this means that the FusionAuth instance is set up to use SSL and is running on the local machine on port 9011.
Although it was not completely correct, its first suggestion was right on the money. I am configuring FusionAuth using Terraform/OpenTofu, and there I was passing the wrong value to issuer. Learn more here: https://registry.terraform.io/providers/fusionauth/fusionauth/latest/docs/resources/tenant
So I was passing https://localhost:9011 😓.
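
An added example, not part of the original post and not FusionAuth code: since `iss` is compared as an exact, case-sensitive string, a verifier configured with one of the two localhost URLs above rejects a token that carries the other. The HS256 demo key, the helper names, and which side uses `http` are assumptions made for illustration.

```python
import base64, hashlib, hmac, json
from urllib.parse import urlsplit

KEY = b"constructed-demo-key"  # constructed secret, stands in for the real signing key

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def make_token(claims: dict, key: bytes) -> str:
    """Build a constructed HS256 JWT (stands in for a token issued by the IdP)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"

def check_issuer(token: str, key: bytes, expected_iss: str) -> str:
    """Verify the signature, then compare iss exactly; return 'ok' or the reason."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    if json.loads(_b64url_decode(header_b64)).get("alg") != "HS256":
        return "rejected: unexpected alg"
    want = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(want, _b64url_decode(sig_b64)):
        return "rejected: bad signature"
    iss = json.loads(_b64url_decode(payload_b64)).get("iss")
    if iss == expected_iss:  # exact, case-sensitive match is the only pass
        return "ok"
    if not isinstance(iss, str):
        return "rejected: iss missing"
    # Everything below only explains the mismatch; the token stays rejected.
    got, exp = urlsplit(iss), urlsplit(expected_iss)
    if got.scheme != exp.scheme and got.netloc == exp.netloc:
        return f"rejected: scheme differs ({got.scheme} vs {exp.scheme})"
    if iss.rstrip("/") == expected_iss.rstrip("/"):
        return "rejected: trailing slash differs"
    if iss.lower() == expected_iss.lower():
        return "rejected: case differs"
    return "rejected: different issuer"

if __name__ == "__main__":
    token = make_token({"iss": "https://localhost:9011", "sub": "demo"}, KEY)
    for expected in ("https://localhost:9011", "http://localhost:9011"):
        print(expected, "->", check_issuer(token, KEY, expected))
```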