FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login
    1. Home
    2. leandro.menagonzalez
    3. Topics
    L
    • Profile
    • Following 0
    • Followers 0
    • Topics 6
    • Posts 7
    • Best 1
    • Controversial 0
    • Groups 0

    Topics created by leandro.menagonzalez

    • L

      Unsolved Google IdP get Organization info and Picture profile

      Q&A
      • • • leandro.menagonzalez
      2
      0
      Votes
      2
      Posts
      419
      Views

      danD

      @leandro-menagonzalez So it sounds like you seeing the consents be granted in the Google process, which should make it available in the reconcile lambda, but you are not seeing the value in the reconcile lambda?

      https://fusionauth.io/docs/v1/tech/lambdas/google-reconcile

      There are two options I'd explore:

      Using the OIDC identity provider, which gives you more flexibility and possibly more information. In particular, you get both the access and id token: https://fusionauth.io/docs/v1/tech/lambdas/openid-connect-response-reconcile

      Using Lambda HTTP Connect (a paid feature) to make a call to the google APIs to request additional information from within your lambda. You can learn more about that here: https://fusionauth.io/docs/v1/tech/lambdas/#using-lambda-http-connect

      Hope that helps.

    • L

      Unsolved MFA fusionAuth e Identity Provider google

      Q&A
      • • • leandro.menagonzalez
      2
      0
      Votes
      2
      Posts
      1.3k
      Views

      danD

      @leandro-menagonzalez

      It sounds like you want to let users log in with Google, but when they return, be challenged for another factor of authentication?

      In general FusionAuth treats identity providers such as google as 'the source of truth' when they are configured. That means FusionAuth trusts that the identity provider has done all the checks they need to do to ensure the user is who they say they are (including MFA). So when FusionAuth gets a successful response from the provider, it won't prompt for anything else.

      You could set up step up authentication in your application to force the user to go through MFA: https://fusionauth.io/docs/v1/tech/guides/multi-factor-authentication#step-up-auth

      Hope this helps.

    • L

      Unsolved SAML response from Google Workspace- Picture field ??

      Q&A
      • • • leandro.menagonzalez
      4
      0
      Votes
      4
      Posts
      2.6k
      Views

      joshuaJ

      @leandro-menagonzalez Sorry - I was traveling for a bit and then under the weather.

      Were you able to resolve this?

      If not, my understanding is that this would be a mapping problem. Essentially, Google would have to be instructed to send over a profile pic url, and FusionAuth would consume that in the AuthN response. Further, a reconcile lambda can be used to grab this URL attribute and store on the user, etc. Let me know if I am misunderstanding the issue.

      Josh

    • L

      Unsolved custom validation-theme Forgot Password

      Q&A
      • • • leandro.menagonzalez
      2
      1
      Votes
      2
      Posts
      1.4k
      Views

      joshuaJ

      @leandro-menagonzalez

      This can be solved by using client-side validation in your theme for the corresponding forgot password page. On the authorize page you would pull in JS to check the users email in any manner you see fit.

      https://fusionauth.io/docs/v1/tech/apis/themes
      https://fusionauth.io/docs/v1/tech/themes/

      Josh

    • L

      Solved Upgrade from 1.24 to 1.37.2

      Q&A
      • • • leandro.menagonzalez
      2
      0
      Votes
      2
      Posts
      476
      Views

      joshuaJ

      @leandro-menagonzalez

      I will mark this resolved as we discussed this out of band.

      https://fusionauth.io/docs/v1/tech/installation-guide/cloud#restoring-from-backup

      Thanks,
      Josh
      FusionAuth