FusionAuth developer image
FusionAuth developer logo
  • Back to site
  • Expert Advice
  • Blog
  • Developers
  • Downloads
  • Account
  • Contact sales
Navigate to...
  • Welcome
  • Getting Started
    • Getting Started
    • 5-minute Setup Guide
      • Overview
      • Docker
      • Fast Path
      • Sandbox
    • Setup Wizard & First Login
    • Register a User and Login
    • Self-service Registration
    • Start and Stop FusionAuth
    • Core Concepts
      • Overview
      • Users
      • Roles
      • Groups
      • Registrations
      • Applications
      • Tenants
      • Identity Providers
      • Authentication/Authorization
      • Integration Points
    • Example Apps
      • Overview
      • Dart
      • Go
      • Java
      • JavaScript
      • .NET Core
      • PHP
      • Python
      • Ruby
    • Tutorials
  • Installation Guide
    • Overview
    • System Requirements
    • Server Layout
    • Cloud
    • Cluster
    • Docker
    • Fast Path
    • Kubernetes
      • Overview
      • Deployment Guide
      • Minikube Setup
      • Amazon EKS Setup
      • Google GKE Setup
      • Microsoft AKS Setup
    • Kickstart™
    • Homebrew
    • Marketplaces
    • Packages
    • Database
    • FusionAuth App
    • FusionAuth Search
    • Common Configuration
  • Migration Guide
    • Overview
    • General
    • Auth0
    • Keycloak
    • Amazon Cognito
    • Firebase
    • Microsoft Azure AD B2C
    • Tutorial
  • Admin Guide
    • Overview
    • Account Portal
    • Config Management
    • Editions and Features
    • Key Rotation
    • Licensing
    • Monitoring
    • Prometheus Setup
    • Proxy Setup
    • Reference
      • Overview
      • Configuration
      • CORS
      • Data Types
      • Hosted Login Pages Cookies
      • Known Limitations
      • Password Hashes
    • Releases
    • Roadmap
    • Search And FusionAuth
    • Securing
    • Switch Search Engines
    • Technical Support
    • Troubleshooting
    • Upgrading
    • WebAuthn
  • Login Methods
    • Identity Providers
      • Overview
      • Apple
      • Epic Games
      • External JWT
        • Overview
        • Example
      • Facebook
      • Google
      • HYPR
      • LinkedIn
      • Nintendo
      • OpenID Connect
        • Overview
        • Amazon Cognito
        • Azure AD
        • Discord
        • Github
      • Sony PlayStation Network
      • Steam
      • Twitch
      • Twitter
      • SAML v2
        • Overview
        • ADFS
        • Azure AD
      • SAML v2 IdP Initiated
        • Overview
        • Okta
      • Xbox
    • OIDC & OAuth 2.0
      • Overview
      • Endpoints
      • Tokens
      • OAuth Modes
    • Passwordless
      • Overview
      • Magic Links
      • WebAuthn & Passkeys
    • SAML v2 IdP
      • Overview
      • Google
      • Zendesk
  • Developer Guide
    • Overview
    • API Gateways
      • Overview
      • ngrok Cloud Edge
    • Client Libraries & SDKs
      • Overview
      • Dart
      • Go
      • Java
      • JavaScript
      • .NET Core
      • Node
      • OpenAPI
      • PHP
      • Python
      • React
      • Ruby
      • Typescript
    • Events & Webhooks
      • Overview
      • Writing a Webhook
      • Securing Webhooks
      • Events
        • Overview
        • Audit Log Create
        • Event Log Create
        • JWT Public Key Update
        • JWT Refresh
        • JWT Refresh Token Revoke
        • Kickstart Success
        • Group Create
        • Group Create Complete
        • Group Delete
        • Group Delete Complete
        • Group Update
        • Group Update Complete
        • Group Member Add
        • Group Member Add Complete
        • Group Member Remove
        • Group Member Remove Complete
        • Group Member Update
        • Group Member Update Complete
        • User Action
        • User Bulk Create
        • User Create
        • User Create Complete
        • User Deactivate
        • User Delete
        • User Delete Complete
        • User Email Update
        • User Email Verified
        • User IdP Link
        • User IdP Unlink
        • User Login Failed
        • User Login Id Dup. Create
        • User Login Id Dup. Update
        • User Login New Device
        • User Login Success
        • User Login Suspicious
        • User Password Breach
        • User Password Reset Send
        • User Password Reset Start
        • User Password Reset Success
        • User Password Update
        • User Reactivate
        • User Reg. Create
        • User Reg. Create Complete
        • User Reg. Delete
        • User Reg. Delete Complete
        • User Registration Update
        • User Reg. Update Complete
        • User Reg. Verified
        • User 2FA Method Add
        • User 2FA Method Remove
        • User Update
        • User Update Complete
    • Guides
      • Overview
      • Authentication Tokens
      • Exposing A Local Instance
      • JSON Web Tokens
      • Key Master
      • Localization and Internationalization
      • Multi-Factor Authentication
      • Multi-Tenant
      • Passwordless
      • Registration-based Email Verification
      • Searching With Elasticsearch
      • Securing Your APIs
      • Silent Mode
      • Single Sign-on
      • Two Factor (pre 1.26)
    • Integrations
      • Overview
      • CleanSpeak
      • Kafka
      • Twilio
    • Plugins
      • Overview
      • Writing a Plugin
      • Custom Password Hashing
    • User Control & Gating
      • Overview
      • Gate Unverified Users
      • Gate Unverified Registrations
      • User Account Lockout
  • Customization
    • Email & Templates
      • Overview
      • Configure Email
      • Email Templates
      • Email Variables
      • Message Templates
    • Lambdas
      • Overview
      • Apple Reconcile
      • Client Cred. JWT Populate
      • Epic Games Reconcile
      • External JWT Reconcile
      • Facebook Reconcile
      • Google Reconcile
      • HYPR Reconcile
      • JWT Populate
      • LDAP Connector Reconcile
      • LinkedIn Reconcile
      • Nintendo Reconcile
      • OpenID Connect Reconcile
      • SAML v2 Populate
      • SAML v2 Reconcile
      • SCIM Group Req. Converter
      • SCIM Group Resp. Convtr.
      • SCIM User Req. Converter
      • SCIM User Resp. Converter
      • Sony PSN Reconcile
      • Steam Reconcile
      • Twitch Reconcile
      • Twitter Reconcile
      • Xbox Reconcile
    • Messengers
      • Overview
      • Generic Messenger
      • Twilio Messenger
    • Themes
      • Overview
      • Examples
      • Helpers
      • Localization
      • Template Variables
  • Premium Features
    • Overview
    • Advanced Registration Forms
    • Advanced Threat Detection
    • Application Specific Themes
    • Breached Password Detection
    • Connectors
      • Overview
      • Generic Connector
      • LDAP Connector
      • FusionAuth Connector
    • Entity Management
    • SCIM
      • Overview
      • Azure AD Client
      • Okta Client
      • SCIM-SDK
    • Self Service Account Mgmt
      • Overview
      • Updating User Data & Password
      • Add Two-Factor Authenticator
      • Add Two-Factor Email
      • Add Two-Factor SMS
      • Add WebAuthn Passkey
      • Customizing
      • Troubleshooting
    • WebAuthn
  • APIs
    • Overview
    • Authentication
    • Errors
    • API Explorer
    • Actioning Users
    • API Keys
    • Applications
    • Audit Logs
    • Connectors
      • Overview
      • Generic
      • LDAP
    • Consents
    • Emails
    • Entity Management
      • Overview
      • Entities
      • Entity Types
      • Grants
    • Event Logs
    • Families
    • Forms
    • Form Fields
    • Groups
    • Identity Providers
      • Overview
      • Links
      • Apple
      • External JWT
      • Epic Games
      • Facebook
      • Google
      • HYPR
      • LinkedIn
      • Nintendo
      • OpenID Connect
      • SAML v2
      • SAML v2 IdP Initiated
      • Sony PlayStation Network
      • Steam
      • Twitch
      • Twitter
      • Xbox
    • Integrations
    • IP Access Control Lists
    • JWT
    • Keys
    • Lambdas
    • Login
    • Message Templates
    • Messengers
      • Overview
      • Generic
      • Twilio
    • Multi-Factor/Two Factor
    • Passwordless
    • Reactor
    • Registrations
    • Reports
    • SCIM
      • Overview
      • SCIM User
      • SCIM Group
      • SCIM EnterpriseUser
      • SCIM Service Provider Config.
    • System
    • Tenants
    • Themes
    • Users
    • User Actions
    • User Action Reasons
    • User Comments
    • WebAuthn
    • Webhooks
  • Release Notes

    Family APIs

    Overview

    This API has been available since 1.7.0

    A Family allows you to define relationships between one or more Users. A adult User may belong to a single Family, a teen or child may belong to one or more families.

    The following APIs are provided to manage Families and Family memberships.

    • Add a User to a Family

    • Retrieve a Family

    • Update a Family

    • Remove a User from a Family

    • Retrieve Pending Family Members

    • Request Parental Approval

    Add a User to a Family

    This API is used to add a User to a Family. You cannot directly create a family, instead a family is implicitly created when the first User is added.

    Request

    Add a User to a Family with a randomly generated Id

    URI

    POST /api/user/family

    Request Headers

    X-FusionAuth-TenantId [String] Optional

    The unique Id of the tenant used to scope this API request.

    The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

    Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

    See Making an API request using a Tenant Id for additional information.

    Add a User to a Family with the provided unique Id

    URI

    POST /api/user/family/{familyId}

    Request Parameters

    familyId [UUID] Optional defaults to secure random UUID

    The Id to use for the new Family. If not specified a secure random UUID will be generated.

    Request Headers

    X-FusionAuth-TenantId [String] Optional

    The unique Id of the tenant used to scope this API request.

    The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

    Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

    See Making an API request using a Tenant Id for additional information.

    Request Body

    familyMember.userId [UUID] Required

    The unique userId of the User to add to a family.

    familyMember.owner [Boolean] Optional defaults to false

    Set to true to indicate a family owner. This value will be ignored if the user role is Teen or Child.

    familyMember.role [String] Required

    The role of the user in the family. When creating a family the first user must be an Adult, this value must be set to Adult.

    Example Request JSON
    
    {
      "familyMember" : {
        "userId": "b3360a2d-e81d-4314-b9f1-244a916ca52f",
        "owner": true,
        "role": "Adult"
      }
    }

    Response

    The response for this API contains the Family that was created.

    Table 1. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    503

    The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

    Response Body

    family.id [UUID]

    The unique Id of the family.

    family.insertInstant [Long]

    The instant that the Family was added to the FusionAuth database.

    family.lastUpdateInstant [Long]

    The instant that the Family was updated in the FusionAuth database.

    family.members [Array<Object>]

    The members of this family.

    family.members[x].insertInstant [Long]

    The instant when the user was added to the family.

    families.members[x].lastUpdateInstant [Long]

    The instant when the family member was last updated.

    family.members[x].owner [Boolean]

    True if this user is the owner of the family, the first Adult user in the family will automatically be set as the owner. A teen or child cannot be the family owner.

    family.members[x].role [String]

    The role of the family member. The possible values are:

    • Adult

    • Child

    • Teen

    family.members[x].userId [UUID]

    The unique user Id of the family member.

    Example Response JSON
    
    {
      "family": {
        "id": "a815b480-d52d-4755-96ac-749c067925d7",
        "insertInstant": 1595361142909,
        "lastUpdateInstant": 1595361143101,
        "members": [
          {
            "insertInstant": 1562010348111,
            "lastUpdateInstant": 1595361143101,
            "owner": true,
            "role": "Adult",
            "userId": "b3360a2d-e81d-4314-b9f1-244a916ca52f"
          }
        ]
      }
    }

    Retrieve a Family

    This API is used to retrieve a Family by a User Id or by Family Id.

    Request

    Retrieve a Family by Id

    URI

    GET /api/user/family/{familyId}

    Request Parameters

    familyId [UUID] Required

    The unique Id of the Family.

    Request Headers

    X-FusionAuth-TenantId [String] Optional

    The unique Id of the tenant used to scope this API request.

    The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

    Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

    See Making an API request using a Tenant Id for additional information.

    Request

    Retrieve all of a User’s families by User Id

    URI

    GET /api/user/family?userId={userId}

    Request Parameters

    userId [UUID] Required

    The unique Id of the User.

    Request Headers

    X-FusionAuth-TenantId [String] Optional

    The unique Id of the tenant used to scope this API request.

    The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

    Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

    See Making an API request using a Tenant Id for additional information.

    The response for this API contains the requested family or families.

    Table 2. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    404

    The object you requested doesn’t exist. The response will be empty.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    503

    The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

    Response Body

    family.id [UUID]

    The unique Id of the family.

    family.insertInstant [Long]

    The instant that the Family was added to the FusionAuth database.

    family.lastUpdateInstant [Long]

    The instant that the Family was updated in the FusionAuth database.

    family.members [Array<Object>]

    The members of this family.

    family.members[x].insertInstant [Long]

    The instant when the user was added to the family.

    families.members[x].lastUpdateInstant [Long]

    The instant when the family member was last updated.

    family.members[x].owner [Boolean]

    True if this user is the owner of the family, the first Adult user in the family will automatically be set as the owner. A teen or child cannot be the family owner.

    family.members[x].role [String]

    The role of the family member. The possible values are:

    • Adult

    • Child

    • Teen

    family.members[x].userId [UUID]

    The unique user Id of the family member.

    Example Response JSON
    
    {
      "family": {
        "id": "a815b480-d52d-4755-96ac-749c067925d7",
        "insertInstant": 1595361142909,
        "lastUpdateInstant": 1595361143101,
        "members": [
          {
            "insertInstant": 1562010348111,
            "lastUpdateInstant": 1595361143101,
            "owner": true,
            "role": "Adult",
            "userId": "b3360a2d-e81d-4314-b9f1-244a916ca52f"
          }
        ]
      }
    }

    Response Body

    families [Array<Object>]

    The list of Family objects.

    families[x].id [UUID]

    The unique Id of the family.

    families[x].insertInstant [Long]

    The instant that the Family was added to the FusionAuth database.

    families[x].lastUpdateInstant [Long]

    The instant that the Family was updated in the FusionAuth database.

    families[x].members [Array<Object>]

    The members of this family.

    families[x].members[x].insertInstant [Long]

    The instant when the user was added to the family.

    families[x].members[x].lastUpdateInstant [Long]

    The instant when the family member was last updated.

    families[x].members[x].owner [Boolean]

    True if this user is the owner of the family, the first Adult user in the family will automatically be set as the owner. A teen or child cannot be the family owner.

    families[x].members[x].role [String]

    The role of the family member. The possible values are:

    • Adult

    • Child

    • Teen

    families[x].members[x].userId [UUID]

    The unique user Id of the family member.

    Example Response JSON
    
    {
      "families": [
        {
          "id": "a815b480-d52d-4755-96ac-749c067925d7",
          "insertInstant": 1595361142909,
          "lastUpdateInstant": 1595361143101,
          "members": [
            {
              "insertInstant": 1562010348111,
              "lastUpdateInstant": 1595361143101,
              "owner": true,
              "role": "Adult",
              "userId": "b3360a2d-e81d-4314-b9f1-244a916ca52f"
            }
          ]
        }
      ]
    }

    Update a Family

    This API is used to update an existing Family member. You may only update the User’s role or owner status.

    Request

    Update a Family member

    URI

    PUT /api/user/family/{familyId}

    Request Parameters

    familyId [UUID] Required

    The unique Id of the Family.

    Request Headers

    X-FusionAuth-TenantId [String] Optional

    The unique Id of the tenant used to scope this API request.

    The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

    Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

    See Making an API request using a Tenant Id for additional information.

    Request Body

    familyMember.userId [UUID] Required

    The unique userId of the User to add to a family.

    familyMember.owner [Boolean] Optional defaults to false

    Set to true to indicate a family owner. This value will be ignored if the user role is Teen or Child.

    familyMember.role [String] Required

    The role of the user in the family. The possible values are:

    • Adult

    • Child

    • Teen

    Example Request JSON
    
    {
      "familyMember" : {
        "userId": "b3360a2d-e81d-4314-b9f1-244a916ca52f",
        "owner": true,
        "role": "Adult"
      }
    }

    Response

    The response for this API contains the Family that was updated.

    Table 3. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    404

    The object you are trying to update doesn’t exist. The response will be empty.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    503

    The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

    Response Body

    family.id [UUID]

    The unique Id of the family.

    family.insertInstant [Long]

    The instant that the Family was added to the FusionAuth database.

    family.lastUpdateInstant [Long]

    The instant that the Family was updated in the FusionAuth database.

    family.members [Array<Object>]

    The members of this family.

    family.members[x].insertInstant [Long]

    The instant when the user was added to the family.

    families.members[x].lastUpdateInstant [Long]

    The instant when the family member was last updated.

    family.members[x].owner [Boolean]

    True if this user is the owner of the family, the first Adult user in the family will automatically be set as the owner. A teen or child cannot be the family owner.

    family.members[x].role [String]

    The role of the family member. The possible values are:

    • Adult

    • Child

    • Teen

    family.members[x].userId [UUID]

    The unique user Id of the family member.

    Example Response JSON
    
    {
      "family": {
        "id": "a815b480-d52d-4755-96ac-749c067925d7",
        "insertInstant": 1595361142909,
        "lastUpdateInstant": 1595361143101,
        "members": [
          {
            "insertInstant": 1562010348111,
            "lastUpdateInstant": 1595361143101,
            "owner": true,
            "role": "Adult",
            "userId": "b3360a2d-e81d-4314-b9f1-244a916ca52f"
          }
        ]
      }
    }

    Remove a User from a Family

    This API is used to remove a User from an existing Family.

    Request

    Remove a User from a Family

    URI

    DELETE /api/user/family/{familyId}/{userId}

    Request Parameters

    familyId [UUID] Required

    The unique Id of the Family.

    userId [UUID] Required

    The unique Id of the User.

    Request Headers

    X-FusionAuth-TenantId [String] Optional

    The unique Id of the tenant used to scope this API request.

    The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

    Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

    See Making an API request using a Tenant Id for additional information.

    Response

    This API does not return a JSON response body.

    Table 4. Response Codes
    Code Description

    200

    The request was successful. The response will be empty.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    404

    The object you are trying to delete doesn’t exist. The response will be empty.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    503

    The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

    Retrieve Pending Family Members

    This API is used to retrieve the users pending parent approval.

    Request

    Retrieve pending users by parent email address

    URI

    GET /api/user/family/pending?parentEmail={parentEmail}

    Request Parameters

    parentEmail [String] Required

    The email address of the parent.

    Request Headers

    X-FusionAuth-TenantId [String] Optional

    The unique Id of the tenant used to scope this API request.

    The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

    Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

    See Making an API request using a Tenant Id for additional information.

    Response

    The response for this API contains the requested pending users.

    Table 5. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    404

    The object you requested doesn’t exist. The response will be empty.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    503

    The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

    Response Body

    users[x].active [Boolean]

    True if the User is active. False if the User has been deactivated. Deactivated Users will not be able to login.

    users[x].birthDate [String]

    The User’s birthdate formatted as YYYY-MM-DD

    users[x].data [Object]

    An object that can hold any information about the User that should be persisted.

    users[x].email [String]

    The User’s email address.

    users[x].fullName [String]

    The User’s full name as a separate field that is not calculated from firstName and lastName.

    users[x].id [UUID]

    The User’s unique Id.

    users[x].insertInstant [Long]

    The instant when the user was created.

    users[x].parentEmail [String]

    The user’s parent’s email address.

    users[x].passwordChangeRequired [Boolean]

    Indicates that the User’s password needs to be changed during their next login attempt.

    users[x].passwordLastUpdateInstant [Long]

    The instant that the User last changed their password.

    users[x].preferredLanguages [Array<String>]

    An array of locale strings that give, in order, the User’s preferred languages. These are important for email templates and other localizable text. See Locales.

    users[x].tenantId [UUID]

    The Id of the Tenant that this User belongs to.

    users[x].timezone [String]

    The User’s preferred timezone. This can be used as a default to display instants, and it is recommended that you allow User’s to change this per-session. The string will be in an IANA time zone format.

    users[x].twoFactor.methods[x].authenticator.algorithm [String]

    The algorithm used by the TOTP authenticator. With the current implementation, this will always be HmacSHA1.

    users[x].twoFactor.methods[x].authenticator.codeLength [Integer]

    The length of code generated by the TOTP. With the current implementation, this will always be 6.

    users[x].twoFactor.methods[x].authenticator.timeStep [Integer]

    The time-step size in seconds. With the current implementation, this will always be 30.

    users[x].twoFactor.methods[x].email [String]

    The value of the email address for this method. Only present if user.twoFactor.methods[x].method is email.

    users[x].twoFactor.methods[x].id [String]

    The unique Id of the method.

    users[x].twoFactor.methods[x].lastUsed [Boolean]

    true if this method was used most recently.

    users[x].twoFactor.methods[x].method [String]

    The type of this method. There will also be an object with the same value containing additional information about this method. The possible values are:

    • authenticator

    • email

    • sms

    users[x].twoFactor.methods[x].mobilePhone [String]

    The value of the mobile phone for this method. Only present if user.twoFactor.methods[x].method is sms.

    users[x].twoFactor.methods[x].secret [String]

    A base64 encoded secret

    This field is required when method is authenticator.

    users[x].twoFactor.recoveryCodes [Array<String>]

    A list of recovery codes. These may be used in place of a code provided by an MFA factor. They are single use.

    If a recovery code is used in a disable request, all MFA methods are removed. If, after that, a Multi-Factor method is added, a new set of recovery codes will be generated.

    users[x].twoFactorDelivery [String] Deprecated

    The User’s preferred delivery for verification codes during a two factor login request.

    The possible values are:

    • None

    • TextMessage

    Removed in version 1.26.0

    users[x].twoFactorEnabled [Boolean] Deprecated

    Determines if the User has two factor authentication enabled for their account or not.

    Removed in version 1.26.0

    users[x].username [String]

    The username of the User.

    users[x].usernameStatus [String]

    The current status of the username. This is used if you are moderating usernames via CleanSpeak. The possible values are:

    • ACTIVE - the username is active

    • PENDING - the username is pending approval/moderation

    • REJECTED - the username was rejected during moderation

    If a username has been rejected, it is still possible to allow the User to update it and have the new one moderated again.

    users[x].verified [Boolean]

    Whether or not the User’s email has been verified.

    Example Response JSON
    
    {
      "users" : [ {
        "active" : true,
        "birthDate" : "2009-10-31",
        "data" : {
          "attr1" : "value1",
          "attr2" : [ "value2", "value3" ]
        },
        "email" : "somekid@piedpiper.com",
        "fullName" : "Kid A",
        "id" : "00000000-0000-0001-0000-000000000003",
        "insertInstant" : 1572551641422,
        "parentEmail" : "somekidsparent@piedpiper.com",
        "passwordChangeRequired" : false,
        "passwordLastUpdateInstant" : 1572551641422,
        "preferredLanguages" : [ "en", "fr" ],
        "tenantId" : "64653766-6162-6234-3036-393935316533",
        "timezone" : "America/Denver",
        "twoFactorDelivery" : "None",
        "twoFactorEnabled" : false,
        "username" : "somekid",
        "usernameStatus" : "ACTIVE",
        "verified" : true
      } ]
    }

    Request Parental Approval

    This API is used to send an email requesting parental approval for a child registration using the configured tenant.familyConfiguration.familyRequestEmailTemplateId.

    Request

    Request parental approval

    URI

    POST /api/user/family/request

    Request Headers

    X-FusionAuth-TenantId [String] Optional

    The unique Id of the tenant used to scope this API request.

    The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

    Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

    See Making an API request using a Tenant Id for additional information.

    Request Body

    parentEmail [String] Required

    The email address of the parent.

    Example Request JSON
    
    {
      "parentEmail": "somekidsparent@piedpiper.com"
    }

    Response

    This API does not return a JSON response body.

    Table 6. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    503

    The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

    Feedback

    How helpful was this page?

    See a problem?

    File an issue in our docs repo

    Have a question or comment to share?

    Visit the FusionAuth community forum.

    © 2023 FusionAuth
    Subscribe for developer updates