Update Login Instant

Sends a ping to FusionAuth indicating that the user has authenticated, and (optionally) automatically logged into an application. When using FusionAuth's SSO or your own, you should call this if the user is already logged in centrally, but accesses an application where they no longer have a session. This helps correctly track login counts, times and helps with reporting.

Request#

Using a user ID and application ID#

API Key Authentication
Update the login instant for a given User and Application
PUT/api/login/{userId}/{applicationId}?ipAddress={ipAddress}
OpenAPI Spec

Request Headers#

X-Forwarded-ForStringoptional

The IP address of a client requesting authentication. If the IP address is provided it will be stored for login history of the user. It is generally preferred to specify the IP address in the request body. If it is not provided in the request body this header value will be used if available, the request body value will take precedence.

X-FusionAuth-TenantIdStringoptional

The unique Id of the tenant used to scope this API request.

The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

See Making an API request using a Tenant Id for additional information.

Request Parameters#

userIdUUIDrequired

The Id of the user logging in.

applicationIdUUIDoptional

The Id of the Application the user is to be logged into. This parameter is optional but there is not likely a production use case where you want to omit the value. If this parameter is omitted the user will still be authenticated but a login count will not be recorded for an Application.

See the difference between authentication and authorization for more detail.

ipAddressStringoptional

The IP address of the end-user that is logging into FusionAuth. If this value is omitted FusionAuth will attempt to obtain the IP address of the client, the value will be that of the X-Forwarded-For header if provided or the last proxy that sent the request. The IP address will be stored in the User login history.

Using a JWT#

JWT Authentication
Update the login instant for a given User and Application using a JWT
PUT/api/login?ipAddress={ipAddress}
OpenAPI Spec

The userId is not required on the request. The userId and applicationId values will be retrieved from the identity claims in the JWT payload.

Request Parameters#

ipAddressStringoptional

The IP address of the end-user that is logging into FusionAuth. If this value is omitted FusionAuth will attempt to obtain the IP address of the client, the value will be that of the X-Forwarded-For header if provided or the last proxy that sent the request. The IP address will be stored in the User login history.

Request Headers#

X-FusionAuth-TenantIdStringoptional

The unique Id of the tenant used to scope this API request.

The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

See Making an API request using a Tenant Id for additional information.

Response#

This API does not return a JSON response body.

Response Codes

CodeDescription
200The update was successful.
202The user exists but is not registered for the application specified by applicationId on the request.
400The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors.
401You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.
404The user was not found.
500There was an internal error. A stack trace is provided and logged in the FusionAuth log files.
503The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.