Bootstrapping Login For Self-Service Account Management

This feature is only available in paid plans. Please visit our pricing page to learn more.

Available since 1.45.0

Accessing the Self-Service Account Pages From External Applications

In some scenarios you may want to allow users to access the self-service account management pages when it is impractical to use a normal login flow. One such scenario is with native mobile applications where the user is logged in to FusionAuth and the application is in possession of the access token. The following procedure will allow you to access these pages without requiring the user to log in again.

Opening the Self-Service Account Pages With an Access Token

In order to access the self-service account management pages in this manner you will need to meet the following criteria:

  • The user is logged in to FusionAuth
  • The external application is in possession of the FusionAuth access token JWT
  • The external application can open a browser window or webview and include an Authorization header

If the above criteria are met, you can open a webview or browser window from the external application and make a GET request to the account self-service page that includes the access token JWT as a Bearer token in the Authorization header. You must also include the client Id of the application.

Example HTTP Request with header

GET /account/?client_id=<your_client_id> HTTP/1.1
Authorization: Bearer <your_access_token>

Because you are only passing in an access token and the webview has no session state, interactions with the self-service account management pages will succeed only while the access token is valid and not expired. You may need to refresh the token before opening the self-service account management page, or adjust the JWT lifespan to accommodate.
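
One way to act on the expiry caveat above, as an added example that is not FusionAuth's own code: it reads the `exp` claim to decide whether the token should be refreshed first, then builds the GET request shown earlier. The function names, `auth.example.com`, the sample client Id and the 300-second margin are assumptions.

```javascript
// Added example for Node.js; all helper names and sample values are hypothetical.

// Read the `exp` claim (seconds since epoch) from a compact JWT without
// verifying the signature. This is only a client-side freshness check;
// FusionAuth still validates the token when it receives the request.
function jwtExpiry(accessToken) {
  const parts = accessToken.split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const payload = JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8"));
  if (typeof payload.exp !== "number") throw new Error("JWT has no numeric exp claim");
  return payload.exp;
}

// Build the request for the self-service account page and report whether
// the token has enough lifetime left for the user to finish their changes.
function buildAccountRequest(fusionAuthUrl, clientId, accessToken, opts = {}) {
  const now = opts.nowSeconds ?? Math.floor(Date.now() / 1000);
  const minRemaining = opts.minRemainingSeconds ?? 300; // assumed margin

  const base = new URL(fusionAuthUrl);
  // The bearer token must not travel over cleartext HTTP.
  if (base.protocol !== "https:") throw new Error("FusionAuth URL must use https");

  const url = new URL("/account/", base);
  url.searchParams.set("client_id", clientId);

  const secondsRemaining = jwtExpiry(accessToken) - now;
  return {
    url: url.toString(),
    // The token goes in the header, never the query string, so it stays
    // out of browser history and access logs.
    headers: { Authorization: `Bearer ${accessToken}` },
    // Attach the header only to requests for this origin.
    origin: base.origin,
    secondsRemaining,
    refreshFirst: secondsRemaining < minRemaining,
  };
}

// Constructed sample token with a placeholder signature, for offline runs.
function sampleToken(exp) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64url");
  return `${enc({ alg: "RS256", typ: "JWT" })}.${enc({ sub: "constructed-user", exp })}.sig`;
}
```

When `refreshFirst` is true, refresh the access token before opening the webview rather than letting the page fail partway through an account change.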