Hi Dan,
Thanks for the quick response! Yes I'll look into upgrading MySQL.
Cheers,
-N
Thanks @dan I think we're going to go with the FusionAuth hosted pages for now.
Heya @dan, do you have any advice on this issue?
Hi,
I'm implementing authentication using FusionAuth. I've defined an oauth_callback route which gets called on a successful login. In this route, I call the /oauth2/token endpoint from FusionAuth API passing the necessary arguments and I'm able to retrieve an access_token.
I have another route, validate_token, that calls the oauth2/introspect endpoint from the FusionAuth API and I'm able to check the validity of the above token by looking at the active field in response. The problem is active is returned as true even after I logout. Am I missing something or doing something wrong?
Appreciate the help!
Cheers,
-- N.
I'm following this tutorial to register a new user via FusionAuth API. Going through this documentation for the endpoint, I found that it expects password for the new user to be sent as plain text. But this would be insecure, assuming the flow looks like My Frontend --> My Backend --> FusionAuth API --> My Backend --> My Frontend. Is there a better way of communicating the password to FusionAuth? Thanks!
@dan Hi Dan, just circling back. Did you have a chance to look into this? Thanks!
@dan No worries! Thanks for all your help! You can download the application zip file from here. As you'll notice, it's a pretty simple app. Also I've replaced all the ip addresses and ids for security reasons so while the app won't run as is, you would still be able to get an idea of the functionality. Thanks again for your continued support! Hoping to resolve this soon!
@dan Thanks for the response. I did double check my application code and there was a client id mismatch in one of the URIs in my application code. I fixed that. However I'm still getting 401. Below is the flask server output:
<Response [401]>
error
<Response [401]>
74.15.29.84 - - [25/Aug/2020 22:43:04] "GET /oauth-callback?code=9E2MtFiIkFTS1uRBDjNXIOwLDuefGNLMqreSo1gZL2A&locale=en_US&userState=Authenticated HTTP/1.1" 200 -
As you can see the state has changed to Authenticated now.
@dan That is correct. Below is the output on flask server:
<Response [401]>
error
<Response [401]>
74.15.29.84 - - [24/Aug/2020 15:46:33] "GET /oauth-callback?code=q0AEmFiDNOjWiGlBa64Ea7MI2BlwotSh7AAcqqjWSt4&locale=en_US&userState=AuthenticatedNotRegistered HTTP/1.1" 200 -
@dan Thanks for the response. I changed the call to exchange_o_auth_code_for_access_token swapping client_secret and redirect_uri args. I made sure that the user is registered with the application to which they are trying to authorize and that the redirect_uri is set up correctly in application config. I'm attaching screenshots from the FusionAuth app. I'm still getting a 401 response.
I would also like to mention as an aside that the user is able to login successfully to this app. I get 401 for the auth code request post successful login.
Redirect URI setup:
User Registration: