Collected Metrics
Overview
FusionAuth collects the following kinds of data from deployments to help improve our products:
- metrics: high-level information about an instance, e.g. monthly active users, version, number of nodes
- usage data: granular data about feature usage, collected since version 1.55
This data helps us understand usage so we can improve features and security.
Self-hosted users can disable data collection without affecting functionality. Customers on a paid plan must allow metrics collection per the license agreement unless they have an air-gapped license.
What Data Does FusionAuth Collect?
Metrics
FusionAuth collects the following high-level metrics:
- unique instance identifier
- total number of users
- total number of monthly active users
- total number of monthly logins
- number of nodes in the instance
- product version
- license Id (only for licensed instances with a plan)
- version of the metrics data (currently always version 1)
Usage Data
Since version 1.55, FusionAuth also collects feature-level usage data. The following sample JSON object shows what we collect (click to expand):
Usage Data - Example JSON Payload
{
"applicationVersion": "1.59.1",
"collectionDuration": 523,
"collectionInstant": 1720629226097,
"instanceId": "eb76363d-8ee3-4188-8bae-ceed191a4780",
"stats": {
"apiKeyExpiringEnabled": 1,
"apiKeyHashedEnabled": 1,
"applicationAccessTokenPopulateLambda": 80,
"applicationActiveLoggedIntoNumber": 100,
"applicationActiveNumber": 101,
"applicationActiveRoleNumber": 200,
"applicationActsAsSamlv2Idp": 40,
"applicationAdvancedSelfServiceRegistrationEnabled": 40,
"applicationBasicSelfServiceRegistrationEnabled": 40,
"applicationCustomSelfServiceAccountForm": 23,
"applicationAdvancedSelfServiceRegistrationPreVerified": 1,
"applicationCustomThemeUsed": 12,
"applicationEmailUpdateTemplate": 30,
"applicationEmailVerificationTemplate": 30,
"applicationEmailVerifiedTemplate": 30,
"applicationEnabledIdentityProviders": [
{
"count": 20,
"idp": "Apple"
},
{
"count": 20,
"idp": "EpicGames"
},
{
"count": 20,
"idp": "ExternalJWT"
},
{
"count": 20,
"idp": "Facebook"
},
{
"count": 20,
"idp": "Google"
},
{
"count": 20,
"idp": "HYPR"
},
{
"count": 80,
"idp": "OpenIDConnect"
},
{
"count": 100,
"idp": "SAMLv2"
},
{
"count": 120,
"idp": "SAMLv2IdPInitiated"
},
{
"count": 20,
"idp": "SonyPSN"
},
{
"count": 20,
"idp": "Steam"
},
{
"count": 20,
"idp": "Twitch"
},
{
"count": 20,
"idp": "Twitter"
},
{
"count": 20,
"idp": "Xbox"
}
],
"applicationEnabledIdentityProvidersWithLambdas": 260,
"applicationEnabledTenantIdentityProviders": [
{
"count": 40,
"idp": "Apple"
},
{
"count": 40,
"idp": "EpicGames"
},
{
"count": 40,
"idp": "ExternalJWT"
},
{
"count": 40,
"idp": "Facebook"
},
{
"count": 40,
"idp": "Google"
},
{
"count": 40,
"idp": "HYPR"
},
{
"count": 160,
"idp": "OpenIDConnect"
},
{
"count": 200,
"idp": "SAMLv2"
},
{
"count": 240,
"idp": "SAMLv2IdPInitiated"
},
{
"count": 40,
"idp": "SonyPSN"
},
{
"count": 40,
"idp": "Steam"
},
{
"count": 40,
"idp": "Twitch"
},
{
"count": 40,
"idp": "Twitter"
},
{
"count": 40,
"idp": "Xbox"
}
],
"applicationForgotPasswordTemplate": 30,
"applicationIdTokenPopulateLambda": 80,
"applicationLoggedInApplicationsUsingSimpleThemes": 3,
"applicationLoginApiAuthenticationDisabled": 4,
"applicationLoginApiRefreshTokensEnabled": 5,
"applicationLoginIdInUseOnCreateTemplate": 30,
"applicationLoginIdInUseOnUpdateTemplate": 30,
"applicationLoginNewDevice": 30,
"applicationLoginSuspiciousEmailTemplate": 30,
"applicationMagicLinks": 6,
"applicationMfaLambdasConfigured": 1,
"applicationMfaPolicy": 7,
"applicationMultiFactorEmailMessageTemplate": 30,
"applicationMultiFactorSmsMessageTemplate": 25,
"applicationNumber": 101,
"applicationOptionalScopes": 9,
"applicationPasswordResetSuccessTemplate": 30,
"applicationPasswordUpdateTemplate": 30,
"applicationPasswordlessTemplate": 30,
"applicationBasicSelfServicePhoneRegistrationEnabled": 30,
"applicationRefreshTokenGracePeriodEnabled": 1,
"applicationRequiredScopes": 18,
"applicationSamlv2PopulateLambda": 80,
"applicationSelfServiceRegistrationValidationLambda": 80,
"applicationSetPasswordTemplate": 30,
"applicationForgotPasswordPhoneTemplate": 1,
"applicationIdentityUpdatePhoneTemplate": 1,
"applicationLoginIdInUseOnCreatePhoneTemplate": 1,
"applicationLoginIdInUseOnUpdatePhoneTemplate": 1,
"applicationLoginNewDevicePhoneTemplate": 1,
"applicationLoginSuspiciousPhoneTemplate": 1,
"applicationPasswordlessPhoneTemplate": 1,
"applicationPasswordResetSuccessPhoneTemplate": 1,
"applicationPasswordUpdatePhoneTemplate": 1,
"applicationSetPasswordPhoneTemplate": 1,
"applicationTwoFactorMethodAddPhoneTemplate": 1,
"applicationTwoFactorMethodRemovePhoneTemplate": 1,
"applicationVerificationCompletePhoneTemplate": 1,
"applicationVerificationPhoneTemplate": 1,
"applicationThirdParty": 8,
"applicationTwoFactorMethodAddTemplate": 30,
"applicationTwoFactorMethodRemoveTemplate": 30,
"applicationUserinfoPopulateLambda": 80,
"applicationVerificationTemplate": 30,
"atdCaptcha": 5,
"atdIpAcls": 10,
"atdRateLimiting": 6,
"entitiesEntityGrants": 40,
"entitiesPermissions": 12,
"entitiesTypeNumber": 4,
"groupApplicationRoles": 60,
"instanceCompanyPlan": "Essentials",
"instanceDatabaseConnectionTimeout": 2000,
"instanceDatabaseIdleTimeout": 120000,
"instanceDatabaseMaxLifetime": 240000,
"instanceDatabaseMaximumPoolSize": 10,
"instanceDatabaseMinimumIdle": -1,
"instanceDatabaseMysqlEnforceUtf8mb4": false,
"instanceDatabaseVersion": "8.3.0",
"instanceFirstTimeSetupProgress": {
"apiKeyConfigured": false,
"applicationConfigured": false,
"emailConfigured": false,
"licenseActivated": false
},
"instanceFusionauthAppHttpReadTimeout": 0,
"instanceFusionauthAppLocalMetricsEnabled": false,
"instanceFusionauthAppMemory": 25769803776,
"instanceFusionauthAppReindexBatchSize": 2500,
"instanceFusionauthAppReindexThreadCount": 5,
"instanceFusionauthAppSearchDefaultRefreshInterval": "1s",
"instanceFusionauthSearchHostsCount": 1,
"instanceJavaVersion": "17.0.8.1+1",
"instanceLicenseType": "Non-production",
"instanceNodes": 4,
"instanceSearchType": "database",
"integrationsCleanspeakEnabled": false,
"integrationsKafkaEnabled": false,
"messengersGeneric": 100,
"messengersKafka": 0,
"messengersTwilio": 100,
"scimEnabled": 7,
"tenantBreachedPasswordDetection": 7,
"tenantClientCredentialsLambdaEnabled": 80,
"tenantConfirmChildTemplate": 30,
"tenantCustomAdminUserForm": 43,
"tenantCustomConnectors": 40,
"tenantCustomThemeUsed": 23,
"tenantEmailMfaEnabled": 8,
"tenantEmailUpdateTemplate": 30,
"tenantEmailVerifiedTemplate": 30,
"tenantFamilyEnabledTemplate": 8,
"tenantFamilyRequestTemplate": 30,
"tenantForgotPasswordTemplate": 30,
"tenantLoggedInApplicationsUsingSimpleThemesFromTenant": 4,
"tenantLoginIdInUseOnCreateTemplate": 30,
"tenantLoginIdInUseOnUpdateTemplate": 30,
"tenantLoginNewDeviceTemplate": 30,
"tenantLoginSuspiciousEmailTemplate": 30,
"tenantMultiFactorEmailMessageTemplate": 30,
"tenantMultiFactorLambdasConfigured": 2,
"tenantMultiFactorSmsMessageTemplate": 25,
"tenantNumber": 102,
"tenantParentRegistrationTemplate": 30,
"tenantPasswordResetSuccessTemplate": 30,
"tenantPasswordUpdateTemplate": 30,
"tenantPasswordlessTemplate": 30,
"tenantSetPasswordTemplate": 30,
"tenantSmsMfaEnabled": 8,
"tenantSsoSessionBootstrapEnabled": 1,
"tenantTotpMfaEnabled": 102,
"tenantTwoFactorMethodAddTemplate": 30,
"tenantTwoFactorMethodRemoveTemplate": 30,
"tenantVerificationTemplate": 30,
"tenantForgotPasswordPhoneTemplate": 1,
"tenantIdentityUpdatePhoneTemplate": 1,
"tenantLoginIdInUseOnCreatePhoneTemplate": 1,
"tenantLoginIdInUseOnUpdatePhoneTemplate": 1,
"tenantLoginNewDevicePhoneTemplate": 1,
"tenantLoginSuspiciousPhoneTemplate": 1,
"tenantPhoneConfigurationMessengers": 1,
"tenantPasswordlessPhoneTemplate": 1,
"tenantPasswordResetSuccessPhoneTemplate": 1,
"tenantPasswordUpdatePhoneTemplate": 1,
"tenantSetPasswordPhoneTemplate": 1,
"tenantTwoFactorMethodAddPhoneTemplate": 1,
"tenantTwoFactorMethodRemovePhoneTemplate": 1,
"tenantVerificationCompletePhoneTemplate": 1,
"tenantVerificationPhoneTemplate": 1,
"tenantWebauthnEnabled": 3,
"webhookAuditLogCreate": 30,
"webhookEventLogCreate": 40,
"webhookGroupCreate": 40,
"webhookGroupCreateComplete": 40,
"webhookGroupCreateTransactional": 40,
"webhookGroupDelete": 40,
"webhookGroupDeleteComplete": 40,
"webhookGroupDeleteTransactional": 40,
"webhookGroupMemberAdd": 40,
"webhookGroupMemberAddComplete": 40,
"webhookGroupMemberAddTransactional": 40,
"webhookGroupMemberRemove": 40,
"webhookGroupMemberRemoveComplete": 40,
"webhookGroupMemberRemoveTransactional": 40,
"webhookGroupMemberUpdate": 40,
"webhookGroupMemberUpdateComplete": 40,
"webhookGroupMemberUpdateTransactional": 40,
"webhookGroupUpdate": 40,
"webhookGroupUpdateComplete": 40,
"webhookGroupUpdateTransactional": 40,
"webhookJwtPublicKeyUpdate": 42,
"webhookJwtPublicKeyUpdateTransactional": 40,
"webhookJwtRefresh": 40,
"webhookJwtRefreshTokenRevoke": 42,
"webhookJwtRefreshTokenRevokeTransactional": 40,
"webhookJwtRefreshTransactional": 40,
"webhookKickstartSuccess": 40,
"webhookUserAction": 42,
"webhookUserBulkCreate": 42,
"webhookUserBulkCreateTransactional": 40,
"webhookUserCreate": 42,
"webhookUserCreateComplete": 40,
"webhookUserCreateTransactional": 40,
"webhookUserDeactivate": 42,
"webhookUserDeactivateTransactional": 40,
"webhookUserDelete": 42,
"webhookUserDeleteComplete": 40,
"webhookUserDeleteTransactional": 40,
"webhookUserEmailUpdate": 40,
"webhookUserEmailVerified": 42,
"webhookUserEmailVerifiedTransactional": 40,
"webhookUserIdentityProviderLink": 40,
"webhookUserIdentityProviderUnlink": 40,
"webhookUserLoginIdDuplicateCreate": 40,
"webhookUserLoginIdDuplicateUpdate": 40,
"webhookUserLoginFailed": 42,
"webhookUserLoginFailedTransactional": 40,
"webhookUserLoginNewDevice": 40,
"webhookUserLoginNewDeviceTransactional": 40,
"webhookUserLoginSuccess": 42,
"webhookUserLoginSuccessTransactional": 40,
"webhookUserLoginSuspicious": 40,
"webhookUserLoginSuspiciousTransactional": 40,
"webhookUserPasswordBreach": 40,
"webhookUserPasswordBreachTransactional": 40,
"webhookUserPasswordResetSend": 40,
"webhookUserPasswordResetStart": 40,
"webhookUserPasswordResetSuccess": 40,
"webhookUserPasswordUpdate": 40,
"webhookUserReactivate": 42,
"webhookUserReactivateTransactional": 40,
"webhookUserRegistrationCreate": 42,
"webhookUserRegistrationCreateComplete": 40,
"webhookUserRegistrationCreateTransactional": 40,
"webhookUserRegistrationDelete": 42,
"webhookUserRegistrationDeleteComplete": 40,
"webhookUserRegistrationDeleteTransactional": 40,
"webhookUserRegistrationUpdate": 42,
"webhookUserRegistrationUpdateComplete": 40,
"webhookUserRegistrationUpdateTransactional": 40,
"webhookUserRegistrationVerified": 42,
"webhookUserRegistrationVerifiedTransactional": 40,
"webhookUserTwoFactorMethodAdd": 40,
"webhookUserTwoFactorMethodRemove": 40,
"webhookUserUpdate": 42,
"webhookUserUpdateComplete": 40,
"webhookUserUpdateTransactional": 40
},
"statsVersion": "0.2.0",
"timings": {
"apiKeyExpiringEnabled": 1,
"apiKeyHashedEnabled": 1,
"applicationAccessTokenPopulateLambda": 1,
"applicationActiveLoggedIntoNumber": 0,
"applicationActiveNumber": 3,
"applicationActiveRoleNumber": 1,
"applicationActsAsSamlv2Idp": 11,
"applicationAdvancedSelfServiceRegistrationEnabled": 5,
"applicationBasicSelfServiceRegistrationEnabled": 11,
"applicationCustomSelfServiceAccountForm": 1,
"applicationCustomThemeUsed": 0,
"applicationEmailUpdateTemplate": 0,
"applicationEmailVerificationTemplate": 1,
"applicationEmailVerifiedTemplate": 0,
"applicationEnabledIdentityProviders": 2,
"applicationEnabledIdentityProvidersWithLambdas": 1,
"applicationEnabledTenantIdentityProviders": 3,
"applicationForgotPasswordTemplate": 0,
"applicationIdTokenPopulateLambda": 1,
"applicationLoggedInApplicationsUsingSimpleThemes": 4,
"applicationLoginApiAuthenticationDisabled": 3,
"applicationLoginApiRefreshTokensEnabled": 3,
"applicationLoginIdInUseOnCreateTemplate": 0,
"applicationLoginIdInUseOnUpdateTemplate": 1,
"applicationLoginNewDevice": 0,
"applicationLoginSuspiciousEmailTemplate": 0,
"applicationMagicLinks": 3,
"applicationMfaPolicy": 3,
"applicationMultiFactorEmailMessageTemplate": 0,
"applicationMultiFactorSmsMessageTemplate": 1,
"applicationNumber": 0,
"applicationOptionalScopes": 1,
"applicationPasswordResetSuccessTemplate": 1,
"applicationPasswordUpdateTemplate": 0,
"applicationPasswordlessTemplate": 1,
"applicationBasicSelfServicePhoneRegistrationEnabled": 1,
"applicationRefreshTokenGracePeriodEnabled": 1,
"applicationRequiredScopes": 0,
"applicationSamlv2PopulateLambda": 0,
"applicationSelfServiceRegistrationValidationLambda": 1,
"applicationSetPasswordTemplate": 0,
"applicationThirdParty": 2,
"applicationTwoFactorMethodAddTemplate": 1,
"applicationTwoFactorMethodRemoveTemplate": 0,
"applicationUserinfoPopulateLambda": 0,
"applicationVerificationTemplate": 0,
"applicationForgotPasswordPhoneTemplate": 1,
"applicationIdentityUpdatePhoneTemplate": 1,
"applicationLoginIdInUseOnCreatePhoneTemplate": 1,
"applicationLoginIdInUseOnUpdatePhoneTemplate": 1,
"applicationLoginNewDevicePhoneTemplate": 1,
"applicationLoginSuspiciousPhoneTemplate": 1,
"applicationPasswordlessPhoneTemplate": 1,
"applicationPasswordResetSuccessPhoneTemplate": 1,
"applicationPasswordUpdatePhoneTemplate": 1,
"applicationSetPasswordPhoneTemplate": 1,
"applicationTwoFactorMethodAddPhoneTemplate": 1,
"applicationTwoFactorMethodRemovePhoneTemplate": 1,
"applicationVerificationCompletePhoneTemplate": 1,
"applicationVerificationPhoneTemplate": 1,
"atdCaptcha": 5,
"atdIpAcls": 0,
"atdRateLimiting": 5,
"entitiesEntityGrants": 1,
"entitiesPermissions": 0,
"entitiesTypeNumber": 0,
"groupApplicationRoles": 0,
"instanceDailyActiveUsers": 0,
"instanceDatabaseConnectionTimeout": 0,
"instanceDatabaseIdleTimeout": 0,
"instanceDatabaseMaxLifetime": 0,
"instanceDatabaseMaximumPoolSize": 0,
"instanceDatabaseMinimumIdle": 0,
"instanceDatabaseMysqlEnforceUtf8mb4": 0,
"instanceDatabaseVersion": 0,
"instanceElasticsearchVersion": 0,
"instanceFirstTimeSetupProgress": 0,
"instanceFusionauthAppHttpReadTimeout": 0,
"instanceFusionauthAppLocalMetricsEnabled": 0,
"instanceFusionauthAppMemory": 0,
"instanceFusionauthAppReindexBatchSize": 0,
"instanceFusionauthAppReindexThreadCount": 0,
"instanceFusionauthAppSearchDefaultRefreshInterval": 0,
"instanceFusionauthSearchHostsCount": 0,
"instanceJavaVersion": 1,
"instanceNodes": 0,
"instanceSearchType": 0,
"integrationsCleanspeakEnabled": 0,
"integrationsKafkaEnabled": 0,
"messengersGeneric": 5,
"messengersKafka": 5,
"messengersTwilio": 5,
"scimEnabled": 5,
"tenantBreachedPasswordDetection": 5,
"tenantClientCredentialsLambdaEnabled": 1,
"tenantConfirmChildTemplate": 0,
"tenantCustomAdminUserForm": 0,
"tenantCustomConnectors": 0,
"tenantCustomThemeUsed": 1,
"tenantEmailMfaEnabled": 4,
"tenantEmailUpdateTemplate": 0,
"tenantEmailVerifiedTemplate": 0,
"tenantFamilyEnabledTemplate": 5,
"tenantFamilyRequestTemplate": 0,
"tenantForgotPasswordTemplate": 0,
"tenantLoggedInApplicationsUsingSimpleThemesFromTenant": 1,
"tenantLoginIdInUseOnCreateTemplate": 0,
"tenantLoginIdInUseOnUpdateTemplate": 0,
"tenantLoginNewDeviceTemplate": 1,
"tenantLoginSuspiciousEmailTemplate": 0,
"tenantMultiFactorEmailMessageTemplate": 0,
"tenantMultiFactorSmsMessageTemplate": 0,
"tenantNumber": 1,
"tenantParentRegistrationTemplate": 0,
"tenantPasswordResetSuccessTemplate": 0,
"tenantPasswordUpdateTemplate": 1,
"tenantPasswordlessTemplate": 0,
"tenantSetPasswordTemplate": 0,
"tenantSmsMfaEnabled": 4,
"tenantSsoSessionBootstrapEnabled": 5,
"tenantTotpMfaEnabled": 5,
"tenantTwoFactorMethodAddTemplate": 0,
"tenantTwoFactorMethodRemoveTemplate": 0,
"tenantVerificationTemplate": 0,
"tenantForgotPasswordPhoneTemplate": 1,
"tenantIdentityUpdatePhoneTemplate": 1,
"tenantLoginIdInUseOnCreatePhoneTemplate": 1,
"tenantLoginIdInUseOnUpdatePhoneTemplate": 1,
"tenantLoginNewDevicePhoneTemplate": 1,
"tenantLoginSuspiciousPhoneTemplate": 1,
"tenantPhoneConfigurationMessengers": 1,
"tenantPasswordlessPhoneTemplate": 1,
"tenantPasswordResetSuccessPhoneTemplate": 1,
"tenantPasswordUpdatePhoneTemplate": 1,
"tenantSetPasswordPhoneTemplate": 1,
"tenantTwoFactorMethodAddPhoneTemplate": 1,
"tenantTwoFactorMethodRemovePhoneTemplate": 1,
"tenantVerificationCompletePhoneTemplate": 1,
"tenantVerificationPhoneTemplate": 1,
"tenantWebauthnEnabled": 5,
"webhookAuditLogCreate": 1,
"webhookEventLogCreate": 0,
"webhookGroupCreate": 5,
"webhookGroupCreateComplete": 5,
"webhookGroupCreateTransactional": 6,
"webhookGroupDelete": 5,
"webhookGroupDeleteComplete": 4,
"webhookGroupDeleteTransactional": 6,
"webhookGroupMemberAdd": 5,
"webhookGroupMemberAddComplete": 4,
"webhookGroupMemberAddTransactional": 6,
"webhookGroupMemberRemove": 4,
"webhookGroupMemberRemoveComplete": 4,
"webhookGroupMemberRemoveTransactional": 6,
"webhookGroupMemberUpdate": 5,
"webhookGroupMemberUpdateComplete": 4,
"webhookGroupMemberUpdateTransactional": 6,
"webhookGroupUpdate": 4,
"webhookGroupUpdateComplete": 4,
"webhookGroupUpdateTransactional": 6,
"webhookJwtPublicKeyUpdate": 5,
"webhookJwtPublicKeyUpdateTransactional": 6,
"webhookJwtRefresh": 5,
"webhookJwtRefreshTokenRevoke": 4,
"webhookJwtRefreshTokenRevokeTransactional": 7,
"webhookJwtRefreshTransactional": 6,
"webhookKickstartSuccess": 1,
"webhookUserAction": 4,
"webhookUserBulkCreate": 4,
"webhookUserBulkCreateTransactional": 7,
"webhookUserCreate": 4,
"webhookUserCreateComplete": 5,
"webhookUserCreateTransactional": 6,
"webhookUserDeactivate": 4,
"webhookUserDeactivateTransactional": 7,
"webhookUserDelete": 4,
"webhookUserDeleteComplete": 5,
"webhookUserDeleteTransactional": 6,
"webhookUserEmailUpdate": 4,
"webhookUserEmailVerified": 5,
"webhookUserEmailVerifiedTransactional": 6,
"webhookUserIdentityProviderLink": 5,
"webhookUserIdentityProviderUnlink": 4,
"webhookUserLoginIdDuplicateCreate": 5,
"webhookUserLoginIdDuplicateUpdate": 4,
"webhookUserLoginFailed": 5,
"webhookUserLoginFailedTransactional": 6,
"webhookUserLoginNewDevice": 5,
"webhookUserLoginNewDeviceTransactional": 6,
"webhookUserLoginSuccess": 4,
"webhookUserLoginSuccessTransactional": 7,
"webhookUserLoginSuspicious": 4,
"webhookUserLoginSuspiciousTransactional": 6,
"webhookUserPasswordBreach": 5,
"webhookUserPasswordBreachTransactional": 6,
"webhookUserPasswordResetSend": 4,
"webhookUserPasswordResetStart": 5,
"webhookUserPasswordResetSuccess": 4,
"webhookUserPasswordUpdate": 4,
"webhookUserReactivate": 5,
"webhookUserReactivateTransactional": 6,
"webhookUserRegistrationCreate": 4,
"webhookUserRegistrationCreateComplete": 4,
"webhookUserRegistrationCreateTransactional": 6,
"webhookUserRegistrationDelete": 4,
"webhookUserRegistrationDeleteComplete": 4,
"webhookUserRegistrationDeleteTransactional": 7,
"webhookUserRegistrationUpdate": 4,
"webhookUserRegistrationUpdateComplete": 4,
"webhookUserRegistrationUpdateTransactional": 6,
"webhookUserRegistrationVerified": 4,
"webhookUserRegistrationVerifiedTransactional": 6,
"webhookUserTwoFactorMethodAdd": 5,
"webhookUserTwoFactorMethodRemove": 4,
"webhookUserUpdate": 4,
"webhookUserUpdateComplete": 4,
"webhookUserUpdateTransactional": 6
}
}FusionAuth never collects personally identifiable information about your users or customers. We may collect new usage data as we add new features; those will be outlined in our release notes.
Defaults
By default:
- Instances upgraded to version 1.55 do not send feature usage data.
- New instances created since version 1.55 do send feature usage data, but you can opt out at instance creation or any time after.
Who Does FusionAuth Collect Data From?
Self-hosted FusionAuth users can choose to share data with us. You can turn usage data collection off in the setup wizard, by API, in the admin UI, or by blocking the hostname usage-stats.fusionauth.io. You can turn metrics collection off by blocking the hostname usage-stats.fusionauth.io.
If you enable usage data collection on the Community plan (including all unlicensed FusionAuth instances), we collect data but won’t tie it to your identity. If you enable usage data collection on the Licensed Community plan, we tie usage data to your account and identity via your instanceId.
FusionAuth Cloud instances always share usage data. This data helps us provide top-notch service and security.
Disable Data Collection
Users who self-host FusionAuth can disable data collection in multiple ways. FusionAuth Cloud users cannot disable data collection.
Self-Hosted
To disable usage data collection during setup, uncheck the box marked “I want to help FusionAuth improve its products and services”:
To disable usage data collection in a running instance, navigate to Settings -> System -> Analytics & Improvements in the admin UI and disable the usage data collection toggle:
You can also block outbound usage data at the network level: all usage data and metrics collection uses the hostname usage-stats.fusionauth.io.
FusionAuth Cloud
Usage stats collection cannot be disabled on FusionAuth Cloud instances.
Frequently Asked Questions
How Will This Impact Performance?
Data collection is intentionally throttled to not use additional resources. Queries only run once per day. We load tested a variety of instance sizes and database configurations to ensure that collection does not impact performance.
As a further failsafe, we can dynamically disable any stat collection that does cause a problem without the need to release or upgrade the instance.
How Does FusionAuth Ensure That My Customer Data Remains Private?
Your privacy and that of your customers is of the utmost importance to FusionAuth. We do not collect any data that might reveal any information about your customers, such as webhook or OIDC URLs.
Who Owns the Data That You Collect? Who Decides How That Data Is Used?
The FusionAuth license agreement covers the specifics of how we collect and use data. For more detailed information, please see the following sections:
- Section 2.1.6 covers self-hosting
- Section 2.2.4 discusses those hosting with FusionAuth cloud
- Section 5.2 covers FusionAuth’s licensing of collected data
- Section 5.3 has the information on consent for feedback
How Does Your Data Collection Impact Our Ability to Remain GDPR or CCPA Compliant?
We know how critical compliance is for your business. For many customers, it’s a primary driver in why they chose FusionAuth. Because of this, we made the choice to avoid collecting any personally identifiable information. We collect all stats in aggregate, so that there is no chance of violating confidentiality or compliance.
What Steps Are You Taking to Avoid Scope Creep and Collecting Ever-More Data?
We’re aware of how easy it is to let a project like this expand. Who doesn’t like more data? Before we started this project, we decided on the following principles:
- Self-hosted customers will always be able to turn off usage data collection.
- We limit data collection to feature usage counts and software versions of the product.
- We will never collect anything that would let us know specific information about your configuration or your customers such as OIDC URLs, user emails or mail hosts.
- We will not collect new stats without releasing a new version of FusionAuth.
We want to do right by our customers. By making these public commitments, we are clear about what data we gather and what data we will not. We want to be transparent about data collection and prevent scope creep.