Navigation

    FusionAuth
    • Login
    • Search
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    1. Home
    2. paterik4
    P
    • Profile
    • Following 0
    • Followers 0
    • Topics 1
    • Posts 8
    • Best 3
    • Groups 0

    paterik4

    @paterik4

    3
    Reputation
    1
    Profile views
    8
    Posts
    0
    Followers
    0
    Following
    Joined Last Online

    paterik4 Unfollow Follow

    Best posts made by paterik4

    • RE: Create user with FusionAuth Admin Interface from Kickstartfile

      @quent That would be great. Can you give me and example how can I achieve this?

      posted in Q&A
      P
      paterik4
    • Kickstart properties

      Hello!

      Is there any document or repository where I can find any single property and possible values for it that can be configured via kickstart?

      For example, I would like to configure JWT for an application.

      I know some basics so I configured it like this:

      "jwtConfiguration": {
           "enabled": true,
           "timeToLiveInSeconds": 604800,
           "refreshTokenTimeToLiveInMinutes": 43200,
           "refreshTokenExpirationPolicy": "Fixed",
           "refreshTokenUsagePolicy": "Reusable"
      },
      

      Now I am seeking other properties, like Id Token signing key and possible values that can be selected in the admin panel from a dropdown.

      How should I set the Id Token signing key property to OpenID HSA-256 for example?

      or the Access Token signing key configuration option or in the OAuth configuration how can I configure PKCE?

      I couldn't find any document or repo that covers at least the logic behind the kickstart configuration property names and their values.

      I know there are so many examples for apps and for simple kickstart files but these are not covering all configuration options.

      Thanks for your help in advance!

      Patrick

      posted in Q&A
      P
      paterik4
    • RE: Kickstart properties

      @dan

      Yes, this answers my question, thank you!

      posted in Q&A
      P
      paterik4

    Latest posts made by paterik4

    • RE: Kickstart properties

      @dan

      Yes, this answers my question, thank you!

      posted in Q&A
      P
      paterik4
    • RE: Kickstart properties

      @dan

      Yes, it was helpful, thank you very much!

      The only thing I didn't see but I figured out is setting the Id Token signing key to OpenID Connect compliant HMAC using SHA-256.

      What I did is set manually that property and took a look at the logs. There I found the new value of it and added that to kickstart.json.

      I am curious if this is working because I set the algorithm and the accessTokenKeyId as follows:

                  "algorithm": "HS256",
                  "accessTokenKeyId": "#{FUSIONAUTH_DEFAULT_SIGNING_KEY_ID}",
      

      and I added let's say a random uuid for the idTokenKeyId, or it is working because I added the hard coded idTokenKeyId which gives me the OpenID Connect compliant HMAC using SHA-256 name and value.

      posted in Q&A
      P
      paterik4
    • Kickstart properties

      Hello!

      Is there any document or repository where I can find any single property and possible values for it that can be configured via kickstart?

      For example, I would like to configure JWT for an application.

      I know some basics so I configured it like this:

      "jwtConfiguration": {
           "enabled": true,
           "timeToLiveInSeconds": 604800,
           "refreshTokenTimeToLiveInMinutes": 43200,
           "refreshTokenExpirationPolicy": "Fixed",
           "refreshTokenUsagePolicy": "Reusable"
      },
      

      Now I am seeking other properties, like Id Token signing key and possible values that can be selected in the admin panel from a dropdown.

      How should I set the Id Token signing key property to OpenID HSA-256 for example?

      or the Access Token signing key configuration option or in the OAuth configuration how can I configure PKCE?

      I couldn't find any document or repo that covers at least the logic behind the kickstart configuration property names and their values.

      I know there are so many examples for apps and for simple kickstart files but these are not covering all configuration options.

      Thanks for your help in advance!

      Patrick

      posted in Q&A
      P
      paterik4
    • RE: Create user with FusionAuth Admin Interface from Kickstartfile

      @quent @dan Thank you for your help! I get it working.

      My mistakes were the following:

      1. I tried to specify the Fusionauth app id.
      2. I tried to create the FusionAuth app which gave me an error that it already exists.
      3. I used the default (provided) FusionAuth app id wrongly.
      4. I tried to register the user twice.

      Here is my solution without any other registration:

      If you would like to give access to an already registered user u should provide access to that user with the same URL but with the following body:

            "body": {
              "skipRegistrationVerification": true,
              "registration": {
                "applicationId": "#{FUSIONAUTH_APPLICATION_ID}",
                "roles": ["admin"]
              }
            }
      

      If you would like to give access to a new user, then u should do it under a different URL and you have to specify the user email and password inside the body like this:

            "body": {
              "user": {
                "email": "#{adminEmail}",
                "password": "#{password}"
              },
              "registration": {
                "applicationId": "#{FUSIONAUTH_APPLICATION_ID}",
                "roles": ["admin"]
              }
            }
      
      posted in Q&A
      P
      paterik4
    • RE: Create user with FusionAuth Admin Interface from Kickstartfile

      @quent That would be great. Can you give me and example how can I achieve this?

      posted in Q&A
      P
      paterik4
    • RE: Create user with FusionAuth Admin Interface from Kickstartfile

      @dan Hello!

      If I try to add an application registration as shown in the example in FusionAuth's Github repo, it gives me this error:

      2022-12-13 02:42:06.813 PM ERROR io.fusionauth.api.service.system.kickstart.KickstartRunner - Failed to execute request to [POST][/api/application/00000000-0000-0000-0000-000000000001] Status [400]
      
      Request body:
      
      {
      
        "application" : {
      
          "name" : "FusionAuth",
      
          "roles" : [ "user", "admin" ]
      
        }
      
      }
      
      2022-12-13 02:42:06.813 PM ERROR io.fusionauth.api.service.system.kickstart.KickstartRunner - Error response:
      
      {
      
        "fieldErrors" : {
      
          "application.name" : [ {
      
            "code" : "[duplicate]application.name",
      
            "message" : "An Application with name [FusionAuth] already exists."
      
          } ]
      
        },
      
        "generalErrors" : [ ]
      
      }
      

      If the kickstart creates FusionAuth for himself, how could I get its id to register users to it with an admin role?

      The supportId doesn't create any error.

      My kickstart file is a valid JSON file.

      I am trying to use image: fusionauth/fusionauth-app:1.38.0 image of FusionAuth.

      posted in Q&A
      P
      paterik4
    • RE: Create user with FusionAuth Admin Interface from Kickstartfile

      @quent I thought about that, but how should I get the id of FusionAuth that was just created by kickstart?

      posted in Q&A
      P
      paterik4
    • RE: Create user with FusionAuth Admin Interface from Kickstartfile

      Hello @dan !

      I tried what you show us, like this:

      {
            "method": "POST",
            "url": "/api/user/registration/00000000-0000-0000-0000-000000000001",
            "body": {
              "user": {
                "firstName": "Adam",
                "lastName": "Smith",
                "email": "#{adminEmail}",
                "password": "#{password}"
              },
              "registration": {
                "applicationId": "#{ENV.FUSIONAUTH_CLIENT_ID}",
                "roles": ["admin"]
              }
            }
          },
      

      but after this, my local FusionAuth admin panel redirects me to the setup wizard form which I can't complete because it's giving me a 500 Server error.

      f8b99f3c-23b3-4bae-9c91-d2a0cbf5998e-image.png

      This tells me something is wrong with my newly added block because before I added it my FusionAuth worked fine.

      I also tried to add an application registration with the same id and with the name FusionAuth, like this:

          {
            "method": "POST",
            "url": "/api/application/#{ENV.FUSIONAUTH_CLIENT_ID}",
            "body": {
              "application": {
                "name": "FusionAuth",
                "roles": ["user", "admin"]
              }
            }
          },
      

      but this didn't solve my issue.

      Thanks for your help in advance!

      Best Regards,
      Patrik

      posted in Q&A
      P
      paterik4